Recent Hacks With Cryptopia, QuadrigaCX, and Now Binance!
Yet again, another cryptocurrency exchange has been compromised. This time Binance, one of the largest crypto exchanges by adjusted volume, follows in the wake of the recent Bitfinex Tether controversy and the Cryptopia and QuadrigaCX exchanges that suffered from attacks earlier in the year.
It is an unfortunate reminder that cryptocurrency users and investors must be alert and take essential precautions to secure and have complete control over their funds. With Binance being hacked, it only certifies that NO EXCHANGE, no matter how big, trusted, or “secure,” is truly impregnable from quick-thinking hackers.
Below, we will look at some quick and easy steps to help reduce the risk of your funds being stolen and point out some of the dangers not just related to cryptocurrencies, but online in general.
Be Careful Where You Store and Generate Your Private Key!
Any legitimate blockchain platform will require you to generate a cryptographic key pair to access your funds on the blockchain, also referred to as the public and private key, which can also be a 12- or 24-word passphrase.
Only the owner knows the private key, and as long as that information is kept secure, your funds will remain safe. Public keys can be shown without compromising your security and are often used to verify transactions on the network.
It is wise to write down your private key, store it securely, and be careful who or what receives it when you are trying to access your funds.
Your Data is the New Oil
Hackers will seek to steal as much of your data as possible without you realizing, either to sell or steal your funds. If your device is compromised with suspicious software like a keylogger or another type of malware, any information like emails, usernames, or passwords typed on that device can be monitored and obtained.
A popular method when setting up a new wallet is to switch off the WiFi and then generate your private key. This can sometimes prevent the data from being sent to an unknown receiver if the wallet is compromised or is a fake (phishing), but this doesn’t always guarantee security of your sensitive information.
Phishing is also common; Websites or downloadable apps that look like the original can be used to take your login details and browser history. This is a common method for obtaining someone’s private key using a fake wallet app.
Regular scans with an up-to-date antivirus are necessary. Most may not pick up malware on your device, so being careful not to open suspicious emails or connect to public networks that are shared by multiple people help reduce risk.
Double-checking the Website URL is important before submitting any type of information, such as credit card details, addresses, or images of important documents. With regards to cryptocurrency wallets, seek the most reputable providers and download the software directly from their GitHub page if possible. This increases the chances that you will have the genuine version and not a phishing app that’s trying to steal your funds and information covertly.
Cryptocurrency Wallets and Keeping Them Secure
There is more variety for storing your cryptocurrencies than ever before. User interfaces are now much smoother, and the technology has advanced enormously. It’s quite easy to get started and have access to your favorite coins and tokens.
Popular downloadable wallets like Jaxx and Exodus provide users with a wide range of supported cryptocurrencies and features to analyse your portfolio. There are also available downloads for Android, iOS, Mac, Linux, and Google Chrome.
As mentioned earlier, securing the generated private key is still necessary. If you lose your device or delete the app accidently, you will not be able to restore your balance without it. All legitimate wallets will enable you to generate the cryptographic key pair.
Alternatively, you can use hardware wallets (Ledger and Trezor are the most well-known), which are small devices that you can plug into your laptop or PC with a USB cable. The critical private key is only stored on the small device itself and is not revealed on your computer.
The hardware device will have buttons or a screen for the user to interact with, granting permission to access the cryptocurrency wallets. Any transactions you conduct will need authorization from the hardware device itself – the laptop being used simply enables you to interact with the wallet’s software.
Hardware wallets will not ask you to submit your private key on the actual laptop or PC.
Using Ubuntu as an operating system is often considered to have greater security than the popular Microsoft Windows system because less exploits can generally be found with Linux than with Windows (the debate rages on!).
Because of the simplicity of Linux, it is often a popular choice for the benefit of greater security from malware. With that being said, no operating system is invincible, and it can still fall victim to being compromised.
You can download Ubuntu for free, and most cryptocurrency wallets support Linux operating systems. Only download wallets and other types of software on secure, private networks.
Paper wallets can be used for long-term storage, cannot be “hacked,” and are often preferred by those who want total offline storage. To redeem the funds on the paper wallet the private key would again be needed, so make sure it is printed in a secure location!
Run Your Own Bitcoin Node; Be Your Own Bank!
For ultimate safety, you can download the entire blockchain of a cryptocurrency and run your own node, provided you have the storage capacity, a fast Internet connection, and patience, as the Bitcoin blockchain is now over 200 GB and counting!
However, there are benefits of running your own node because you don’t have to rely on third-party “online” wallets and exchanges. With a fully-synchronized copy of the Bitcoin ledger, you are effectively your own bank.
Not Your Keys, Not Your Cryptocurrency!
As noted in previous posts, cryptocurrency exchanges ARE NOT a safe place to hold your digital assets. We have witnessed multiple times why third-parties are not ideal, and it is due to these faults that Bitcoin and other cryptocurrencies were conceived in the first place.
When holding funds on an exchange, you do not have full ownership to what you see on the screen. If you do not have the private key that entitles you to have access to the blockchain of the cryptocurrency, the exchange holds the private keys. In the worst-case scenario, you cannot redeem your balance.
To celebrate ten years since Bitcoin’s first successfully mined batch of transactions at the start of this year, the “Proof of Keys” movement was started to create awareness for people to take full ownership of their cryptocurrencies and hold their OWN private keys by ultimately withdrawing all funds from centralized exchanges and holding them privately.
Everyone Wants Your Digital Assets!
With everyone quietly scrambling to accumulate Bitcoin and altcoins, greed sentiment is high and bad actors will strive to take your funds. Up over 60% and pushing towards breaking past $6,000 (again), Bitcoin has outperformed every other asset in the world since the beginning of 2019.
It’s almost certain that more exchanges will be targeted by hackers — and even regulatory authorities — as the sector continues to clean up for institutions to enter. Now is the best time to learn how to hold your own keys and become independent of unregulated exchanges.
This is not investment advice; please always do thorough research and only invest what you are willing to lose, especially in times of uncertainty, results may vary.