How to not lose your cryptocurrency
25.10.2021 | auglovoi
Although there is no single solution to avoid trouble, there are several ways to protect your money, and in case of hacking, quickly take steps to recover them.Although we have repeatedly discussed and given recommendations on the safe storage of cryptocurrencies, it is still worth going through the step-by-step checklist to make sure you don’t miss anything important. If any of the following has not been done yet, then it is better to take care of it in the near future.
Store coins in different wallets. It is better to use different methods to store coins. If you’re storing a large amount of cryptocurrency, it’s a good idea to invest in a cold wallet, like a hardware wallet, store a private key in an encrypted key container, keep a paper copy of your passphrase in a safe place. If you have a lot of funds, then you should use several storage places even for long-term storage, so if one address is hacked, the rest of the coins will remain safe. Using a multisignature wallet is recommended for large transactions. An online platform is best suited for small payments, and an online exchange for trading.
Separate equipment for cryptocurrencies. When you have many coins on your accounts, for example, bitcoin or ethereum, their value can be thousands of times higher than the price of the mining equipment. In this case, it would be better to purchase a separate computer, for example, a Raspberry Pi, the cost of which does not exceed $ 100, and even one Ethereum coin exceeds its price dozens of times. While separate equipment is more reliable, you can consider installing a second operating system on your work computer with home folder encryption.
Only the necessary software. There should be nothing extra on your mining computer, only the soft that you use for mining. Pirated soft, hacked applications and operating system cracks are out of the question.
Ensuring the security of the system. There are quite a lot of stories on the web about the loss of all cryptocoins due to sloppy storage of the private key. Someone didn’t think bitcoin would ever bring much money and just threw out a hard drive. Someone kept a single copy of the private key, rendering digital wallet inaccessible after hard drive failure. There may be several options, like copy all important data to an external storage device or to a private cloud storage. You can also organize the mirroring of hard disks by creating a RAID array. With mirroring, data is duplicated on a second disk, which ensures fault tolerance because it duplicates data by simultaneously writing on two storage devices. If one of the hard drives fails, you just need to replace it.
Make regular backups. Even the most reliable equipment can fail. For example, storage devices may be destroyed or disabled by a fire, a sudden power surge, or water runoff from neighbors. That’s why regular backups may be the only way to recover the currency in the digital wallet. You can create a PGP-encrypted container and update it from time to time, which will then be sent to several storage locations. For example, you can send it on your e-mail, two or three cloud storages (many of which grant you with several gigabytes of storage), and also on a USB flash drive – just in case.
Strong passwords. Cybercriminals are now so sophisticated that even the most reliable passwords are at risk. There are frequent cases of user data leakage from large services, even Facebook and Google aren’t 100% trustworthy. Therefore, it is better to use different passwords for public and private services. It is also worth taking care of the strength of the password itself. If earlier it was recommended to use a random set of letters, numbers and special characters, now studies have shown that long memorable passwords with some letters being replaced by numbers or special characters are far more secure. Even if a hacker gains access to files or a device, you will have time to transfer all assets to the newly created wallets. You should also focus on online services. Two-factor authentication should not be overlooked, as well as several methods of confirming transfers on exchanges, for example: telegram, jabber and reliable e-mail service, like protonmail.
Latest updates. Most often, hackers exploit vulnerabilities in software. Developers try to keep their products up to date, quickly eliminating any flaws, so updates should not be neglected. Although, for example, Microsoft has been somewhat taking it lightly lately — in some cases, their updates lead to the failure of some functions, but this is better than losing all your money. Also, you should carefully monitor the installation sources of updates. There may be cases when trojans or other viruses will send your data to a hacker, when installed on your computer. Therefore, it is necessary not only pay attention to URLs, but also to verify the digital signature of the installation file.
Keep a close eye on your devices. It has been said more than once about encrypting phones and flash drives, but you shouldn’t forget about other devices too. Even if your laptop is password-protected and your home folder is encrypted, you shouldn’t leave it unattended in places where intruders can gain access to it. It is also necessary to configure a firewall, which will blocks data packets based on a set of security rules, preventing intruders to use hacking hardware.
Cryptocurrency security tips
In most cases, users themselves violate the rules and give hackers access to their wallets. One of the most popular bitcoin wallets was recently exposed to such a break. Hackers were sending wallets with a built-in trojan disguised as a software update, which led to the loss of funds for many users. The carelessness of the cryptocurrency owners have played a significant role in that regard, who decided not to carry out the additional verification of the installed soft.
The first and most important rule for the safery of cryptocurrencies is keep your mouth shut. The less everybody knows, the better, only you and your relatives should know how much cryptocurrency you have and how to access them. Moreover, the latter should only know the algorithm of actions, without the possibility of obtaining immediate access, only being able to restore the wallet in the event of force majeure.The second is a suspicion of being hacked. If there’re reasons to believe that you’re being hacked, then it’s better to transfer money to new locations on new devices, and only then deal with the problem without worrying about the safety of funds. Next steps are the usual Internet safety measures, only considering that we are talking about digital assets worth a lot of money, which are of interest not only to small groups of hackers, but also to crime syndicates.
In the cryptocurrency sphere, exchangers, exchanges and online wallets are most often subjected to phishing . Here’s an example of a phishing scam:
slightly altered domain name registered with intent to deceive,
a fake website is created with part of the functions missing,
start an ad campaign using search networks,
a DDoS attack disrupts services of the original website.Thus, the client cannot access the original website, so he or she uses a search engine to find it, but instead finds an ad link to the hacker’s fake website. The main purpose of such attacks on cryptocurrency services is to obtain account login information or force the victim to transfer cryptocurrency to a hacker’s address. It is the second type of attack that is increasingly becoming widespread, since most services introduce two or even three-factor authentication, which means that credentials don’t have much value when the original website is offline. There are also other kinds of attacks, for example, a user enters his data on a fake website, and a hacker duplicate them on the original website, only replacing the withdrawal details with his own.
In order to avoid such attacks, it is necessary to stay vigilant and use additional measures to verify trusted resources.
All additional verifications should be aimed specifically at preventing data leakage via phishing. The first thing you need to pay attention to is the security certificate. Expiration date and issuer’s name are critical. The change of the certifying signature should be a matter of concern, especially if this happens long before the expiration date of the previous one.It is also necessary to check the correct spelling of the website in the address bar, although the hackers use similar looking characters, but upon closer examination you can tell the difference.
Another way is to check the domain owner using the registrar tools. So at the first suspicion of a fake website or an incorrect address, you need to check whether the owner has changed. This is also true for the official website mirrors, you can at least trust them if the owner is the same, even if you still need to make some additional verifications first.
As already mentioned, the latest security studies have shown that the most reliable passwords are long memorable phrases with special characters inbetween. It’s better to come up with a new password for each service, and you can store them openly in the ciphered sort. For example, you can set a password for Cryptex like “I@Love$My_Kitty”, and write it to the file as “Cryptex:Kitty”. You can use special characters in the same order every time, changing only the words, where you also replace letters with special characters and numbers. The main thing is to develop your own password algorithm, which you need to follow to the letter.
Secure communication channels
You need to protect your privacy not only on public networks, but also when you’re at home. You have two choices: make your own VPN server with channel encryption, or use an already configured one, since there are a lot of offers on the market. The main goal is not anonymity, but the protection of transmitted data, although increasing confidentiality will be an undoubted advantage. All connections related to digital assets and other security-sensitive services should only go through a private network. It It’s best to use this channel only for cryptocurrency in order to avoid being hacked.
Choosing an operating system
If you stick with Apple, then you don’t have to worry about the operating system at all, but in the case of PC and Android, you will have to spend some time.The most popular system Windows isn’t known for its stability and security, although if you use the computer for cryptocurrency only, then Microsoft products will work just fine with proper adjustment. But it is still better to choose from open-source operating systems. The best of these is currently Linux in Debian’s build. Although this distribution isn’t very user-friendly, you can quickly learn to configure it with an extremely high degree of reliability.
Another advantage of Linux is the small amount of malicious software, and even with minimal configuration available immediately from the start it’s almost impossible to launch any malware remotely.If you need to use Windows for work, you can install a second Linux operating system, switching between them as needed. Even if Windows is infected, it cannot work with the Linux file system. Viruses are made in a special way such that they work in the host OS and use its services and they can’t work on two different types of OS together.
Differentiation of access rights
Again, the kind of operating system matters here. It’s easy enough to set up on Linux, but on Windows it will take some effort. The clearest and safest example of differentiation of access rights is the creation of a separate user to manage a cryptocurrency wallet. This account shouldn’t have access to the systems, only to the cryptocurrency management program by gaining rights from another account. Moreover, all other accounts on the computer shouldn’t either have access to the wallet files.
This is the most controversial issue. Some believe that this is the only way to get the proper level of security, but there were cases when private keys from cryptocurrency wallets were transferred to the antivirus creator’s servers as a suspicious file. Therefore, it would be better not to use defender programs or any unverified devices and limit to security settings only.
What to do if you’ve been hacked
If you’ve been hacked the first thing you must do is to transfer assets to a safe place as soon as possible. In general, the steps you must take are as follows:
Disable Internet access for the compromised device.
Transfer entire assets to other temporary addresses, for example, to a digital wallet or an exchange account. In cases where a hacker has already created a transfer, it may be useful to create another one by setting a large commission, this will put a legitimate transaction in priority for inclusion in the block, although some of the funds will be lost, but you’ll get most of it back.
Track the address to which the funds were transfered. If they were sent to one of the Internet services, you can contact their customer support with a request to block funds for further investigation. Usually, online exchanges and wallets are fully cooperating and freeze coins until all the circumstances are clarified.
Change passwords for all important services. Better do this in two steps. First, create temporary passwords for some time, and after making sure that they are safe, change them again. Don’t forget to follow our tips for creating strong passwords.
Back up all important data, ensuring that infected executable files do not get on the new device.
Format and reinstall all operating systems and soft on all devices that were used to work with cryptocurrencies. If the transaction amount was big enough, it doesn’t hurt to completely change the hardware, since some versions of malware hides and is installed as a service inaccessible to an ordinary user.
An example of a reliable architecture
The type of the architecture will depend on the amount of coins and the way they’re used.
Multicurrency online wallets will be perfect for small amounts that need quick access. The secret key must be stored in an encrypted container and placed on a pair of cloud storages. It’s convenient for fast payments from any device, but storing large amounts this way is not the best solution.
For large amounts with constant direct access, some work needs to be done. One solution may be a separate computer for an offline wallet with the main assets, which could be used to replenish the online wallet for the required amounts as needed. This way you will be able to quickly pay for a product or service, keeping the main reserve completely safe. You’ll need two formatted devices. You use one of them to create an encrypted RAID array, install an operating system with a trusted VPN connection. At the same time, you should restrict all other connections to the network. The second device is also used to install an operating system with encryption of the home partition, where the codes for connecting to the VPN and the remote server will be stored, which, like the private keys, must be also saved in encrypted form on various media. When you need to quickly replenish the online wallet, just connect to the server from the second device and transfer the required amount. If hackers gain physical access to any of the devices, they won’t be able to extract information from them, and it won’t take too long to recover.
To store particularly large amounts which are not planned to be used so often or if they are part of a long-term investment strategy, you can use safe storage tips from our articles.
All of the above tips will help to protect cryptocurrency assets from accidental loss or theft, but you should know that the amount of funds must be commensurate with the taken approach. If the wallet assets worth only tens of dollars, and the cryptocurrency is used only to study technology and work out some theories, then an antivirus soft and the latest software versions would suffice. But if there are several hundred bitcoins in storage, then maybe you should paying as much attention to the safety settings as possible. If you’re just taking your first steps into the world of cryptocurrency, then you should gradually, but without delaying, improve your security system. By doing this, you not only save your funds, but also could figure out the best practices and approaches to storing digital assets.