The eBay Ledger that wasn't sealed

March 2025. A holder in Tucson buys a "new in box" Ledger Nano X on eBay for $89 — $40 below MSRP. The packaging looks pristine. He sets it up, generates a "new" 24-word seed displayed on the device screen, writes it down, transfers $34,000 in BTC to the receive address. Two weeks later, the wallet is drained.

The seller had pre-initialized the device with a seed phrase they already knew, then carefully resealed the packaging. The "new seed" the device showed on first boot was the seller's seed, displayed as if it were fresh.

Why this attack is the hardest to spot

The device works. The setup flow looks normal. The seed phrase is shown on the device screen, exactly as the security model promises. The only difference is that the operator knew the seed before the victim ever opened the box. Once the victim funds an address derived from that seed, the operator drains it.

The four rules for hardware wallet purchase

  • Buy only from the manufacturer's website. Ledger: ledger.com. Trezor: trezor.io. Coldcard: coinkite.com. Never eBay, never Amazon (third-party sellers), never Craigslist, never a "trusted friend." The $20 you save buying secondhand is the cheapest part of the loss.
  • Reject any "new" device under MSRP. Manufacturers control retail pricing tightly. A 30% discount on a Ledger is proof that something is wrong.
  • If you have to buy a used device, wipe it first. Boot it, intentionally enter the PIN wrong three times to wipe it (Ledger), or run a factory reset (Trezor). Then re-initialize and generate a fresh seed. The wipe-then-init flow is the only way to be sure the seed shown to you is one the prior owner does not have.
  • Inspect the packaging. Ledger uses tamper-evident seals on newer models. Trezor uses a holographic sticker. Check both against the manufacturer's published photos of fresh packaging — but understand that careful resealers can replicate seals.

The recovery option

If you suspect a pre-initialized device: do not fund it. Not even small amounts. Wipe the device, initialize from scratch, and verify that the new seed is different from the one shown initially (write down both; the seller would have to be lucky to have generated the same one twice). If funds are already on it, move them within the hour to addresses from a freshly initialized device.

The rule I follow

I treat every hardware wallet bought for less than $5 above the manufacturer's price as a backup, used for tiny test amounts only. The high-value device is always direct from the manufacturer, paid by card, shipped to my actual address.