
Topic: Is there any malware that captures your recovery seed when shown or typed? - page 3. (Read 725 times)

Commonly, when creating a wallet, we are shown the mnemonic code that can basically rebuild your wallet from scratch when imported into another wallet.

The problem is that whoever has access to these initial words will definitely have access to your entire wallet balance belonging to this recovery seed.

Imagine there is a Trojan on your desktop or cell phone that has been programmed to detect recovery seeds, WIF private keys, extended private keys or any sensitive data that allows partial or full access to your funds in a deterministic wallet.

How can we be sure that these things are not monitoring your clipboard, or your keyboard when you type totally random words that follow a pattern like 12 to 24 words? Or a screenlogger that takes a screenshot when it detects a seed on the screen and instantly sends it straight to the attacker's server? We know that it is possible to develop this.

I always thought about this when creating my wallets. I know you will answer that an HW is the best option in this case; yes, I know that too.

We know that clipboard hijacking exists. If you have any reports and evidence of any malware from this family and its variants, post here so we can keep people alert and protect their funds in the best possible way.

See what the developer of the Airbitz wallet (rebranded as Edge) says about mnemonics and that he considers it an insecure backup method. I agree with him: although mnemonics make life a lot easier, it is very easy to have your coins stolen if you have malware that captures mnemonic phrases or scans your clipboard if you copy them.

Do you agree that, instead of using the mnemonic as a backup, a simple backup of the wallet file, as Bitcoin Core, Electrum and Bitcoin Wallet for Android do, does not reduce remote access to your wallet much more, since in these wallets we have to encrypt and then export them to an external drive?

Do you think this topic is valid or is it a lot of unnecessary paranoia?
