With the continuing rise of cybercrime and targeting private computers, tablets, and phones, the question is not if but when you will be hacked. So, better safe than sorry, make sure your crypto assets are safe and secure even if your device is breached by sticking to the following tips.
1. Keep your crypto wealth secret!
Anonymity is your best ally — If you are not “known” to hold crypto, you probably will be less targeted by hackers specializing in crypto-assets theft. Being a known crypto holder raises the chances to be targeted for spear phishing attacks. Spear phishing, as opposed to regular phishing attacks, is a technique that includes obtaining personal information about the intended target and insert malware in a message of personal nature, even in a PDF, a photo or GIF file, or from a trusted source easier to hack. It can even be a physical attack on your machine if left unsecured for some time.
So, don’t brag about how crypto rich you are. People do not need to know how many tokens you own or where you store them :)
2. Keep your mnemonic only on paper!
Assume that any digital device you use can be hacked, and probably will at some point, so never store your mnemonic digitally. Even encryption is not safe if your device is breached. Your screen and keyboard can be cloned and mirrored. When that happens, glancing once at your mnemonic gives the hacker access to your wallet.
The best practice is to make a paper copy divided into two parts and hide a few copies in various locations and with people you trust. No matter how gifted they are, hackers cannot access paper copies! It is advisable to check these locations at least twice a year to make sure your mnemonics are still readable — ink fades, and paper crumbles …
3. Store the bulk of your crypto assets in a cold wallet
Hot storage wallets make life way easier when using Dapps and DeFi, but wallets like Metamask — that uses passwords as their single layer of security — have been reported to experience several successful attacks recently, so it is better to keep limited amounts there and store the bulk of your tokens in a cold wallet such as Ledger or Trezor. This minimizes risks. 2key wallets and Metamask can both be operated in conjunction with Ledger or Trezor cold wallets.
4. Activate the 2FA (two-factor authentication) options offered by digital services you use
2FA increases digital security by a factor of 1000 and keeps hackers at bay. From the 2FA services, SMS is the least efficient, as a Simcard hijacking is enough to bypass it, so always prefer Google or Microsoft Authenticator options that create a time-limited one-time code. Yes, it is annoying to add one manipulation layer to access your destination, but it greatly reduces the risk of mistakenly giving your credentials to a phishing site. 2FA should also be used to protect your non-crypto assets.
A popular hacking technique is to redirect your request to access a site or an app to a cloned site or app and use this to steal your credentials. 2FA secured options also verify that the device you use to access the app or site belongs to you or is operated by you. A popular authentication app besides Google authenticator is Authy, which allows you to create a master password enabling you to recover all your 2FA once you switch to a new phone. Keep that master password extra safe!
2key wallet will soon integrate 2FA as an added security layer and will be one of the only non-custodian, decentralized wallets in the world to support that feature.
5. Monitor your devices for signs of a breach
Nowadays, the question is not if but when your device will be breached. There are common warning signs that your device has been breached, common or distinct for computers, tablets, and phones, like random downloads, random restarts, mouse movements by itself, warnings for signs of a breach from new devices to products you use, and more. However, stealth spyware aimed at stealing your information or mirroring your activity might be invisible, so always assume your device might have been hacked.
In case of a suspected or confirmed hack, to protect your crypto assets, DO NOT take any action from the compromised device. Use a secure device to open a new wallet and transfer your assets to that address. In any case, if you followed the above recommendation nr 3. and stored the bulk of your crypto assets in a cold wallet, the crypto amount on the potentially compromised wallet should be minimal. Once you transferred your crypto assets safely from a secure, separate device, it is time to take measures to evaluate the damage on your infected device and take corrective action.
Warning: Hackers accessing one of your devices might use the information gathered to access your other devices such as phone, tablet, watch, or other. Avoid using a connected device to transfer your crypto assets to a new wallet.
To summarize, anonymity, off-digital mnemonic storage, cold wallet, and 2FA, and your crypto assets will be 99.99% safe even if your device is hacked!
Follow those rules, and sleep soundly.
Stay safe. Stay secured. Go2key!