Pages:
Author

Topic: How to Secure Our Wallet to Prevent Being Hacked! (Read 652 times)

full member
Activity: 1050
Merit: 110
I just wanna add one point to this security mechanism for securing the wallets. A chain is as strong as its weakest link and in cyber world this weakest link is human. Trust me nothing can happen to your wallets unless you do something that is prohibited. We are missing one key aspect of hacking here i.e. social engineering. Hackers these days are mixing hacking tools with social engineering for there and I m saying this since it happened with me. Never download a file sent to you by stranger.
legendary
Activity: 1750
Merit: 1329
Top Crypto Casino
Previously im just using with an executable file with the electrum and well its a good thing because before I don't have a hardware wallet most of the people suggest storing your seed phrase into a piece of paper it's an ideal too but its better if we store it with multiple copies and we know the physical texture of the paper so it's better to find some more ideal to write it not easily damage. Now I'm using with a hardware wallet which is more reliable than using a google extension or browser extension this feels make more safe.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Quote from: Charles-Tim link=topic=5333463.msg58553602# msg58553602 date=1638075527
My bad, that is true. The idea of paper wallet is the fact that the private key is not online but offline and is written on a paper. The idea of generating a HD wallet on an airgapped device and having the seed phrase properly backup on paper should truly makes it a paper wallet too, while many addresses can be saved and be used for transaction.
I have my mew wallet created on 2018 and during the time I am using it is that I don't have any problems with. It is true that paper wallet like mew, metamask important files, private key or mnemonic phrase is not stored online though it is generated through the extension or mew website/app online. Didn't try generating offline yet on metamask but on mew tried many times already and works good on website (did not try app offline).
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
A paper wallet is whatever you want it to be, you are not forced to print a single private key (WIF) on paper, you can simply generate a mnemonic and write that down on a piece of paper which makes it your HD-paper-wallet so you can generate as many keys as you want.
My bad, that is true. The idea of paper wallet is the fact that the private key is not online but offline and is written on a paper. The idea of generating a HD wallet on an airgapped device and having the seed phrase properly backup on paper should truly makes it a paper wallet too, while many addresses can be saved and be used for transaction.
legendary
Activity: 3472
Merit: 10611
Paper wallet only generate one private key, unlike the hardware wallets which are HD wallets generating several keys
A paper wallet is whatever you want it to be, you are not forced to print a single private key (WIF) on paper, you can simply generate a mnemonic and write that down on a piece of paper which makes it your HD-paper-wallet so you can generate as many keys as you want.
member
Activity: 966
Merit: 25
Ton Together | Save Smart & Win Big
If I may add, we should also be very careful to not download a random application even if it's listed on google play, cause it may consist of malware or virus too. Second, many people save their private keys on cellular notes, cloud, or other media. It's still has a chance to be hacked. Third, always double-check some popular websites or sites that are frequently being used like mew, etherscan, other explorers cause some people to try to input phishing links, and sometimes it's difficult to differentiate it. Don't just google it and immediately click the site on the very top, cause it's not always the right one, better to bookmark the real site like you've said.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
but still im a traditionalist and i perosnally prefer the paper wallet instead.Its about the trust in breaking in my personal  cash space
Why did you prefer paper wallet exactly over hardware wallet? If you know how to operate hardware wallet, it can give convenience while you can still decide to have both. Paper wallet only generate one private key, unlike the hardware wallets which are HD wallets generating several keys and addresses which can also help you in maintaining privacy if other ways to privacy are considered. It is your choice, paper wallet is also safe as the key is also offline.
staff
Activity: 3304
Merit: 4115
If your OS version is not updated with the latest security upgrades, it can be compromised when this is detected by the hacker.
Even if it is updated it could still be compromised, so you shouldn't assume because your up to date in the latest software that you aren't a potential target. Although, what your saying is possible, its much more likely that the hacker will look at the unencrypted information you are entering on the WIFI, and therefore look for passwords, rather than actually compromising your machine itself.

Security is important, but we tend to put emphasis on hackers like they are geniuses, when in reality most hackers are using well known exploits, or using someone else's script. There's not too many hackers which are adept enough to code their own sophisticated attacks, especially since their opponent is either Apple, Microsoft or Linux, which constantly monitor the space, and make improvements.
staff
Activity: 3304
Merit: 4115
I do not know how true this information is, but any browser hung with various add-ons will always pose a danger to the owner.
Any extension that you have installed which isn't open sourced, and hasn't been verified by either yourself or others has the potential of compromising your data. Therefore, you shouldn't just install any extension, plus personally I don't see the need to install several extensions at a time. Honestly, I could only recommend security/privacy open sourced extensions such as Ublock Origin, potentially a No Script extension if that suits your purposes.
member
Activity: 686
Merit: 21
We store our valuable cryptocurrencies in various wallets. In this case, it is important to ensure the security of our wallet. I have come up with some points that can help you to secure your wallet:

1. Hardware Wallet
It is better to use hardware wallet because it is more secure than software wallet. Yes, we have to pay for this but if you think about safety of your assets, you'll be ready to buy hardware wallet like Ledger Nano S/ TREZOR.

2. Install/ Download Chrome Extension
We can prevent being hacked if we download and install chrome extension. Mew chrome extension and MetaMask chrome extension are available to install.

3. Bookmark Original Website
We can bookmark all the important/legit websites that we have to access regularly. We can use those bookmarked website safely without input manually.

4. Check Balance
It is not necessary to check our balance everytime by entering our private key. We can easily be able to check our balance and transaction from:

(a) https://etherscan.io/
(b) https://bscscan.com/
(c) https://tronscan.org/
(d) https://www.blockchain.com/explorer

At the time of transaction, we can use our private key. If possible, store private key offline.

5. Don't Trust SSL Only
Just because a website uses an SSL certificate does not mean that the website is completely secure. Buying an SSL certificate is not a complicated matter. We should double check the website before entering private key.

6. Don't Click on Attractive Offers
At the time of browsing, we see many interesting offers that we should not click on because no one will give you free money without doing anything. Sometimes we get such kind of shit offers on gmail/social media. Also, we should more conscious about downloading any app or file.

7. Enable 2FA
It is important to enable 2fa if our wallet serve this feature. We can use google authenticator, mobile number and gmail as 2fa method.

8. Free Wifi
We shouldn't use free wifi at all and by using free wifi, we can lose valuable personal data. Hackers can collect those data for entering your wallet.

Lastly, we should use our brain. Awareness can keep us safe on the internet.

"I might be wrong, please pardon my mistakes."

Thanks for the cautions especially that of not using free WiFi,most times people become too gullible that they jump into any free WiFi they see,not knowing it has some hazardous effects,by giving hackers access into personal and financial information on their phone
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿

I totally disagree with this. Dont install any browser extension. It is not always clear what kind of information it collects. Even if you use browser extensions, go through them and check for old/rarely used and delete them.

When you export your browsers settings, these extensions like to migrate with you. Sometimes old extensions are being sold or bought on purpose by hackers and their code is being modded. Next time when your old "neat old browser theme" asks for update, think twice before you update it. Because behind it you might get a bot, keylogger and other crap.


In addition to the fact that the Chrome browser itself is not completely secure, all its extensions often collect information about users contrary to privacy rules. Recently, there was a story on reddit.com where users complained that an installed Chrome extension was accused of stealing cryptocurrencies.

https://www.reddit.com/r/Metamask/comments/mvtdbe/2_different_friends_have_been_hacked_someone_got/

I do not know how true this information is, but any browser hung with various add-ons will always pose a danger to the owner.
legendary
Activity: 2520
Merit: 1218
2. Install/ Download Chrome Extension
We can prevent being hacked if we download and install chrome extension. Mew chrome extension and MetaMask chrome extension are available to install.

I totally disagree with this. Dont install any browser extension. It is not always clear what kind of information it collects. Even if you use browser extensions, go through them and check for old/rarely used and delete them.

When you export your browsers settings, these extensions like to migrate with you. Sometimes old extensions are being sold or bought on purpose by hackers and their code is being modded. Next time when your old "neat old browser theme" asks for update, think twice before you update it. Because behind it you might get a bot, keylogger and other crap.
legendary
Activity: 1652
Merit: 1208
Gamble responsibly
Im confused what that person means here.  They say you could enter your btc address to check balance right?  The way this person phrased it was like you could enter your wallet seed into it and check it.
Only addresses can be used to check balance, electrum can be used for this ourpose in a way you will import the addreses on electrum, this will sychronize with the blockchain that will result to the balance that will show up. This is more secure because nobody can spend from such wallet which are called watch only wallet but only used to track transactions. But seed phrase can be used to check balance too if it is imported into a bitcoin supported wallet, in this case, someone will be able to spend from the wallet. But this should not make someone confused and input the seed phrase on a site that requested for it, any site that requested for your seed phrase only want to scam you.
full member
Activity: 1792
Merit: 186
We can prevent being hacked if we download and install chrome extension. Mew chrome extension and MetaMask chrome extension are available to install.
No. Chrome extensions are why people are getting hacked.

It is not necessary to check our balance everytime by entering our private key. We can easily be able to check our balance and transaction from:

(a) https://etherscan.io/
(b) https://bscscan.com/
(c) https://tronscan.org/
(d) https://www.blockchain.com/explorer

At the time of transaction, we can use our private key. If possible, store private key offline.

5. Don't Trust SSL Only
Just because a website uses an SSL certificate does not mean that the website is completely secure. Buying an SSL certificate is not a complicated matter. We should double check the website before entering private key.
Please DO NOT key your private key into any website.

Storing your private keys offline doesn't make anything more secure. You'll probably be looking at making an air-gapped wallet in this case.

7. Enable 2FA
It is important to enable 2fa if our wallet serve this feature. We can use google authenticator, mobile number and gmail as 2fa method.
2FA is not perfectly bulletproof against malware attacks. There are many variants of malwares which seeks to exploit the user differently and the most common one is a clipboard malware which your 2FA won't protect unless you double check your transactions.



Im confused what that person means here.  They say you could enter your btc address to check balance right?  The way this person phrased it was like you could enter your wallet seed into it and check it.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
Many blame wallets hacks on the wallet but honestly most times this happens because of mistakes and carelessness on the users, the only crypto wallets that aren't safe are the centralised wallets but others that gives seed or private keys and still got hacked is due to users fault
You are not wrong, many wallet hack is as a result of people themselves which are careless, carelessness is one of the reasons for some of the hack. But having offline wallets still reduced the chances of the carelessness, using mobile or desktop wallet is also still better but yet vulnerable as they are both online wallets. Web wallets are just the most vulnerable, and they are not recommendable in case of safety, it makes people to be more vulnerable to their carelessness. But, yet, people need to be very careful and protect their wallet perfectly.
sr. member
Activity: 1750
Merit: 267

You only need your seed/private key to access your wallet. Any wallet software that has 2FA feature is a custodial wallet which are not safe and you should not use them if you care about the security of your funds. A better alternative for 2FA is to set up a 2of2 multisig wallet and keep each co-signing private key/seed on a different device.
Yes, this is the second step but we're not fully safe on the internet and for this reason this method can help us to secure our wallet.

Wack, fully disagree with that. Even  inoffensive chrome extension means your private keys are inside browser cashe for some time. This is  the additional hole to their security that can be used for  sophisticated methods to steal them. Apart of that there are malicious extensions  that disguise themselves as true wallets. They are able to  inject malicious code and steal sensitive data like passwords. priv keys etc.
Actually it can help us to find real website on the internet. Obviously we should avoid malicious extensions but sometimes, chrome extension is worthy enough. For high security in this respect, anyone can clear browser cashe, cookies and history.

[moderator's note: consecutive posts merged]
member
Activity: 232
Merit: 10
1. If your wallet is a add-on like metamask make sure you don't use the browser to browse online at all, dedicate the browser for metamask only, in fact I prefer using the mobile app instead

2. Avoid clicking on links either online or through emails

3. Safeguide your recovery seed and private keys, they should never be shared with anyone and make sure you don't store them in places where it's easier to people to reach
legendary
Activity: 2744
Merit: 1878
Rollbit.com | #1 Solana Casino
Many blame wallets hacks on the wallet but honestly most times this happens because of mistakes and carelessness on the users, the only crypto wallets that aren't safe are the centralised wallets but others that gives seed or private keys and still got hacked is due to users fault
Sometimes the storage of the seed or private key is ignored and has no security. this is what will become a gap to be stolen and hacked. Hacking of personal wallets is indeed due to the recklessness of the wallet choosers.

Being exposed to phishing is also the reason why personal wallets are hacked. Because the phishing page will ask to enter a private key. this needs to be paid attention to, make sure the page used is a genuine page and not phishing.

Like the metamask extension wallet, from the past until now there are fake extensions created by scammers. Make sure everything is original and you should pay attention to it.
newbie
Activity: 14
Merit: 0
It is very important to protect our wallets from hacking, by choosing strong passwords, activating more than one protection method to enter the wallet, such as a PIN code and fingerprint, and to avoid sending our private keys to any unknown person or website.
staff
Activity: 3304
Merit: 4115
If you have no other option but to connect to a public WIFI, then at least connect to it with a reliable and secure VPN.
Even then, there's a small chance that you could be compromised since you have to connect to the internet before you connect to the wifi. If you can, its better to use a cellular data connection, connect to the VPN, and then connect to the free wifi. Cellular data connections are secured differently, and generally are more secure than wifi connections, which see a lot of traffic throughout the day. 
Pages:
Jump to: