MultiversX Tracker is Live!

A hypothetical scenario: A software wallet get's hacked - Dos and Don'ts

All Cryptocurrencies

by COINS NEWS 96 Views

Anyone remembers the MyAlgo Wallet or Atomic Wallet hack from earlier this year? In both cases attackers exploited software vulnerabilities to systematically gather user seeds / private keys to steal their assets. The affected individuals did no major mistake like giving away their seed - their funds were just suddenly gone

That's probably a horror scenario for many crypto investors, but two things are certain: It will happen again - and how you handle the situation can decide if you keep your funds or not. So let's go through a hypothetical scenario and discuss what you should and shouldn't do.

The scenario

You wake up on a beautiful Sunday morning - it's a Holiday weekend, Monday will be off - Hackers love picking times like this when people are busy with friends and family and no one is in office to immediately react. For them every minute counts.

You open your favorite sub and see a pinned post. "MAXX WALLET COMPROMISED - 200M$ in user assets stolen". Another post says "Move your funds out of Maxx Wallet as fast as possible!"

Don'ts

You might be panicking right now. You hold a significant amount of funds on Maxx Wallet.

But the most important thing right now is: You should NOT sign in to your wallet. If possible, you shouldn't even turn on the device your wallet is located on.

In times like this there will be almost no information. No one knows what exactly happened. The attacker might have access to your wallet already, but there are a ton of scenarios in which they don't

Possible attacks

Malicious Update - There might be a malicious update / hotfix stealing user data and sharing it with the attacker. If you haven't updated your wallet you might be safe, opening your wallet will expose your seed and steal your funds fastet than any human could react.

Malware - Malware that spread all over the internet is targeting wallet information. However wallet files are usually encrypted and modern encryption makes these files very secure if you picked a secure password. In many cases malware has to wait for the user to unlock their wallet - they could either try to record your password when you type it in or steal the decrypted keys from the wallet when being used.

This is obviously not a complete list, just some anecdotal examples. Both have something in common: They require YOU opening your wallet to steal your funds. Once you open it and the information is shared, a bot will grab your crypto, a human has literally no chance to beat it.

Dos

You have to check your assets and move them out as fast as possible, without using your wallet.

The next steps will depend on your situation. Where are you using your wallet? If the device is currently turned off, don't touch it! If the device is turned on already; Immediately turn it off or at least disconnect it from internet.

On a different device, install a compatible software wallet and use your secret recovery phrase to restore your wallet. In unfortunate situations you may have to use different wallets to access all of your coins.

Send your assets to a different (unexposed) wallet you already own or create a new wallet with the alternative wallet you are using right now. Don't forget to write down the new recovery phrase.

You can't find a compatible wallet

Let's say you restore your wallet and it's empty - however you notice it wasn't emptied, it's the wrong wallet. There are (sadly) still a few wallets that do some shenanigans with derivation paths, and at the same time not all wallets allow changing them.

There is one thing that you can do now: You need to open the compromised wallet to view your private keys. I told you earlier you shouldn't do it, but it might be your last resort in some situations. And there is one way to actually do it securely: Make 100% sure to open it offline. Most crypto wallets will work offline to the point where you can still display your keys. Also, you should not reconnect your device to the internet until your funds are secured. Once you have the private keys, you can use them to restore your wallet and send your funds out.

Avoid getting into this situation

Now this was some theorycraft for how to handle this situation - and I think its important to be prepared for situations like this.

However the most important message of this post might be: If possible, use a hardware wallet. I was an active MyAlgo users when the hack happened, and I didn't lose a cent because I had it connected to my Ledger1. While a malicious update might in theory still ask your wallet to sign a malicious transaction, you would notice that when confirming it - but you can be almost sure no software wallet you use will steal your crypot while you sleep when using a hardware wallet.

It's ok to use hot wallets for daily interactions, but if you do so: Keep the amounts in these wallets as small as possible.

tl;dr:

If a software wallet you actively used get's compromised - do not open it! Restore your seed in a different wallet on a different device to move your funds out. If you can, don't even turn the device on thats holding the affected wallet.

1 I'm retelling what happened and do NOT reccomend using Ledger because the company doesn't value crypto standards any longer

submitted by /u/Maxx3141
[link] [comments]
Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
πŸ’° Install these recommended apps:
πŸ’² SocialGood - 100% Crypto Back on Everyday Shopping
πŸ’² xPortal - The DeFi For The Next Billion
πŸ’² CryptoTab Browser - Lightweight, fast, and ready to mine!
πŸ’° Register on these recommended exchanges:
🟑 Binance🟑 Bitfinex🟑 Bitmart🟑 Bittrex🟑 Bitget
🟑 CoinEx🟑 Crypto.com🟑 Gate.io🟑 Huobi🟑 Kucoin.



Comments