5 Ways to Prevent Your Crypto Wallet From Being Hacked

Published in PolySwarm, Mar 21, 2018

This is a guest post by Brooke Glew of Rivetz. The views and opinions expressed in this blog do not necessarily reflect those of the PolySwarm organization nor is this considered professional advice.

Stories of exchanges getting hacked (BitGrail and Coincheck being the two most notable of 2018… so far) are starting to feel like a regular occurrence.

If we keep money in a bank, it’s ultimately up to the bank to protect that money. We pay fees for the account to be maintained, but if someone went into the bank and robbed it, the bank would insure the funds so that we would not personally lose.

Crypto is different: we are our bank.

What comes with that is responsibility; the responsibility to protect our assets. These assets are digital and guess what — digital assets can be hacked. Just like a bank can be robbed, a hacker can stroll on into your personal bank (your crypto wallet) and take what is yours. No insurance and no one to blame.

If you’re storing crypto assets in wallets, there are a number of things you can do to protect yourself. Keep these five tips in mind to keep your digital assets secure.

1. Use Two Factor Authentication

If the wallet offers two-factor authentication (2FA), take it. This means that if someone had access to your login details, they would also need your phone to get the 2FA code. However, note that text and email 2FA are not recommended, as these can easily be intercepted if someone has access to your email or ports your phone number to a new device.

Paul Makowski, PolySwarm CTO, suggests the best 2FA options, in order of most to least secure, are as follows:

  1. Hardware dongle, see: https://landing.google.com/advancedprotection/
  2. An app on your phone that doesn’t sync your secrets anywhere (e.g. Google Authenticator)
  3. An app on your phone that does sync (e.g. Authy)
  4. Email based
  5. SMS based

Bonus: The upcoming Rivetz Authenticator is also a trusted hardware 2FA option that’s a safer alternative to software 2FA options, as the keys are stored within the Trusted Execution Environment.

2. Don’t Use Public Wi-Fi

We have access to public Wi-Fi in a variety of places, from libraries and councils to hotels, cafes and airports, allowing for an anywhere office. Crypto is 24/7 and hackers know it, and access to Wi-Fi makes it tempting to log into our accounts, wallets and exchanges on the go. But this is risky.

The vulnerability that comes with public Wi-Fi is that it makes it easy for hackers to access computers that are connected to that network. There are three specific ways in which public Wi-Fi is risky, as David Maimon, Assistant Professor in the Department of Criminology and Criminal Justice at the University of Maryland, told Digital Trends:

  • Man-in-the-middle attacks
  • Malware
  • Wi-Fi sniffing

To avoid this issue, don’t leave your Wi-Fi turned on, where it can search for and connect to public Wi-Fi networks. Keep it turned off and carry an internet dongle with you for a private connection instead. Something that costs you $10 a month could save you hundreds of thousands of dollars in asset protection. If your data plan allows for it, you can also use your own hotspot from your cell phone.

3. Beware When You Download (Even On Your Phone!)

Files can have malware attached to them, and once on your device, that malware can carry out a number of sinister commands. Gone are the days when the only concern was someone racking up your phone bill or data. Now we need to worry about malware reading keystrokes, granting hackers access to our accounts and even allowing them to read the screen on our phone.

Be cautious when downloading files, and not only in email. Remember that there are clever people out there in crypto. You’ll notice files posted in communities, on Telegram, Facebook, Reddit, Bitcoin Talk, etc. As tempting as it is to click them, be aware that they could be bait. Always use caution. You can even use Kaspersky’s File Desk to quickly check links and files.

4. Use ProtonMail

Whether you have a free online email or own your own server, you’re vulnerable to malicious email access. ProtonMail is an encrypted email service that takes a different approach to email security. The encryption means that no one but you can read your emails, not even ProtonMail themselves.

Note that we do not work with or endorse ProtonMail; it is merely a resource the author believes may be valuable.

5. Keep Private Keys Offline

If you have wallets on your computer, always store your private keys offline, either on an external hard drive or as a hard copy stored somewhere in your house. If someone gains access via malware or public Wi-Fi, this limits what they can find or take, which buys you time to realize that your device is compromised before anything important is stolen.

Bio: Brooke Glew is Senior Community Manager for Rivetz, world-class security giving you higher quality customer relationships, blockchain transactions and private key storage. She is a cryptocurrency and blockchain enthusiast. Check out the Rivetz Blog and connect with Brooke on LinkedIn.
