Spectre and Meltdown will steal your cryptocurrency

👑Dan Rice
Jan 9, 2018 · 4 min read
Image for post
Image for post
The clock is ticking on your cryptocurrency

Spectre and Meltdown do not represent a simple exploit, but rather a newly discovered type of side channel attack that affects all modern cpus from your smartphone cpu to your computer. The entire computing world is at risk.

The basics of the attack

Websites you visit run code on your computer

These attacks leave limited forensic trace information

Stealing cryptocurrency is the perfect attack usage

Cryptocurrency users visit common websites

Known attacks are currently in proof-of-concept stage

The OS and browser patches released do not solve the problem

What you can do to protect yourself

  1. Cease usage of any browser-based password managers. Modern browsers have password tools built in and also allow extensions to store passwords through services such as Lastpass. Metamask may also be at risk. Keep your passwords as far away from your computer’s browser as possible. If you use a secondary application on your computer to store and save passwords that will make attacks more difficult. Furthermore, storage on a secondary device will be even more secure. This could be your phone or something like this.
  2. Move your cryptocurrency private keys off of exchanges when you aren’t actively trading them. Remember, exchanges are also susceptible to these attacks and may lose your funds if they are attacked.
  3. Move cryptocurrency off your computer to paper or hardware wallets like Trezor or Ledger. This will protect you against almost all simple javascript attacks and limit the chances of loss. Hardware wallets may be exploitable, but the attacks would have to be focused on a particular device and extremely complex.
  4. Don’t put all your eggs in one basket. Even if you use hardware wallets, consider using multiple hardware wallets from different brands and maybe mix in some paper wallets too. Remember that every storage approach has weaknesses. Sometimes you can lose cryptocurrency from purely bugs and so for this reason you should not use a single tool to store all your assets. Even particular cryptocurrencies may be exploited and you should consider splitting any cryptocurrency you hold amongst multiple in case a catastrophic bug occurs in one. Diversify in every direction possible.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store