Author

Topic: Reason why online wallets are hack (Read 202 times)

legendary
Activity: 1862
Merit: 1209
October 15, 2022, 11:57:41 PM
#12
Such things can become the reason but the wallet hack can come from so many mistakes that would be made by the owner of wallet. Just like when people randomly clicking or even they were revealing their privatekey to others. People are so dumb enough by clicking everything without knowing more about what they have been clicking. That proves that if people don't even care so much with their money and they wanna give it to the scammers or hackers.  Grin
What you're talking about? hack and stolen are different thing, don't mix it.

Owner's fault are not considered as hack, but it will make scammers able to steal his coins. The reason why they're randomly clicking or even revealing their private key is they're still don't have enough knowledge about crypto space. Actually people who want to start invest on crypto should have an enough knowledge to mitigate or prevent this kind happen. Perhaps they could interested by a fake giveaway so that's why they're greedy to get big money with instant way.
hero member
Activity: 1904
Merit: 541
October 14, 2022, 08:50:14 PM
#11
Online wallets are risky because people don't understand how to use it, they do not verify the links they are on (if they are on the real website), they insert their seed phrase without verifying the domain name(anybody that sends them a link they press it without too much thinking), etc. It's not the wallets fault, if you are referring to big wallets like Metamask, it's the user issue. If they receive a link in the Telegram they start pressing on it, or maybe found a project at the beginning that requires wallet connect, people pressing buttons like on Gambling, without even thinking or hesitating or giving a second thought, this is not wallets issue, this is USER ISSUE. The wallets offer you an interface, and you basically connecting your seed phrase which use cryptographic encryption from your local device, you are accessing with your local device their website, but people doesn't check if the link is correct or if the project is real, and so on. And when you connect it, you are literally giving them access to your funds. Is this wallet issue? No it's USER problem. Please stop clicking on links that are not secure, and stop connecting your wallet on a website that you are not sure of, to prevent giving out your wallet phrase

Apps wallets that can be downloaded to our mobile devices are inherently high risk, so what you are saying is true. So for me, it is better to use a desktop or laptop, or if there is a legit app wallet that is good to use it is only Trustwallet for me, other than that there is nothing else.

Phishing sites usually become an open door for scammers or hackers to steal other people's funds here in the cryptocurrency community. And often the link with the phishing site can be found in various groups in telegram apps. That's why extra care is needed when it comes to this matter.
legendary
Activity: 2170
Merit: 1789
October 13, 2022, 09:20:35 AM
#10
This is true but nowadays there are online wallets that dominate the market and owned by trusted developer like trustwallet by Binance and Metamask founded by Aaron Davis which is both dox that eliminates the doubts on the developer of the wallet.
You should not avoid them if possible. Trusted or not, if the code is unknown or closed-source, there are chances that there is a bug that can be exploited or there might be malicious code inserted into the app. Not saying existing wallets do that, but there is a chance. Stick to open-source wallets if possible, and learn to verify or at least wait for public analysis on such wallets before using it.
jr. member
Activity: 518
Merit: 1
October 12, 2022, 05:52:32 AM
#9
One of the reasons is greed and stupidity. Some persons are really quick to connect their wallet to freebies and airdops without taking time to get more information about the websites they are visiting or the tokens they received on their wallet. They end up clicking on phishing links and have their private keys compromised. If it's not greed, how can you receive a token worth $20k or more just like that and you quickly rush to swap it without knowing that it's a bate.
hero member
Activity: 2562
Merit: 577
October 11, 2022, 11:13:50 AM
#8
And one major mistakes some people make with online wallet is not bookmarking the original site rather they will use Google anytime they want to visit the wallet site in which the user may end up clicking a phishing site unknowingly.
This often happens to those who are hunting for free airdrop, giveaways, they don't mind connecting their wallet to any site as long as they can get free tokens, nft.
legendary
Activity: 1862
Merit: 1209
October 11, 2022, 03:20:30 AM
#7
LOL

User fault can't be said as hack, those are really different thing. Hack is when the hacker can exploit the vulnerability of the system created by the developer and you're already secured your wallet, but the hacker can still steal your coins. This mean even though you're already try to secure your wallet, but you can't do anything if the wallet has a poor security.

Go search about multi-coin web wallet hack, you will find many wallet was been hacked before, Metamask could be the next. This is why you need to use hardware wallet.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
October 10, 2022, 05:43:58 PM
#6
Knowledge is essential when it comes to the safety of your wallet. The most common way to protect it is to know the different forms of scamming or hacking of your wallet. From that, you can have somewhat of a gist before doing anything that could harm you.
hero member
Activity: 3010
Merit: 794
October 10, 2022, 05:37:29 PM
#5

This is true but nowadays there are online wallets that dominate the market and owned by trusted developer like trustwallet by Binance and Metamask founded by Aaron Davis which is both dox that eliminates the doubts on the developer of the wallet. I understand your point since this is the issue before during times when most of the developers of crypto wallets are anonymous but now crypto wallet market is already established and so far no scam or shady behaviour from the developer side happened since these wallet introduced to the public.
Whenever a certain thing do able to get that reputation and popularity then this is where people to neglect out the risk involved on the things that they've been dealing with.This is where things becomes messy if

ever there are unexpected things that happen like hacking or exploits or something like that.Its been suggested for how many times that non custodial or non centralized wallets is always been recommendable to use
specially if you are really making it as a main storage of your coins.

It cant be denied that there are really indeed times which these centralized wallets is really that convenient to use but of course it does have corresponding risk.So its yours to take.
hero member
Activity: 3150
Merit: 636
DGbet.fun - Crypto Sportsbook
October 10, 2022, 08:50:33 AM
#4
Please stop clicking on links that are not secure, and stop connecting your wallet on a website that you are not sure of, to prevent giving out your wallet phrase
A simple reminder yet still forget about this basic thing.

When they see some airdrops and free tokens, many users are connecting it without even questioning or reading the whole thing about those projects.

What they do is just connect it and do the simple task for them to be eligible for the airdrop that they're going to receive and anticipate but comes the unexpected.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
October 10, 2022, 07:51:43 AM
#3
There might also be a chance that some website tabs have access to other tabs too (depending on your browser - especially if it's old) which can lead to issues with websites being able to alter what's presented in a different tab. Electrum had a vulnerability years ago that meant json requests from websites could access certain wallet information (including nmemonics for unencrypted wallets).

Malware is easier to catch when it's in browser too. Add ons are quite fast and easy to add (like apps on an app store) and if you install something that manages to get past malware filters or install it a different way then you could end up with funds being stolen without knowing how (and these are less likely to be picked up if you don't have anti virus added to your browser or the threat is new/unique).

The oldest biggest risk of using online wallets though seemed to be not backing them up/remembering your password so it's nice that's changed (especially at a time before bip39) - unless this new issue is bigger than that one was.

legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
October 10, 2022, 05:30:18 AM
#2
this is USER ISSUE

You have been thinking only to one use case, and yes, in many cases it's an user issue (usually phishing).

But you have missed the fact a developer with bad intention (for example one about to get fired) can do a small temporary change in such a website (even if it's a known and legit website) and log/save locally all those seeds. And after some days, months or years he can steal all those funds.

Or you've missed that a big number of so called online wallets are custodial wallets, meaning the user gets an account, not an actual proper wallet (the user doesn't own any private keys). Such a website, if gets hacked, will lose all the funds from the hot wallet, which can affect a lot o users. Or it can go bankrupt, or it can start asking for various KYC some may not be happy to give (and freezing/stealing the funds of those who don't comply).

So while the phishing and user issue is indeed the most common problem, it's not the only one that can happen. It's better to just avoid online wallets if that's possible.
newbie
Activity: 5
Merit: 0
October 10, 2022, 05:05:04 AM
#1
Online wallets are risky because people don't understand how to use it, they do not verify the links they are on (if they are on the real website), they insert their seed phrase without verifying the domain name(anybody that sends them a link they press it without too much thinking), etc. It's not the wallets fault, if you are referring to big wallets like Metamask, it's the user issue. If they receive a link in the Telegram they start pressing on it, or maybe found a project at the beginning that requires wallet connect, people pressing buttons like on Gambling, without even thinking or hesitating or giving a second thought, this is not wallets issue, this is USER ISSUE. The wallets offer you an interface, and you basically connecting your seed phrase which use cryptographic encryption from your local device, you are accessing with your local device their website, but people doesn't check if the link is correct or if the project is real, and so on. And when you connect it, you are literally giving them access to your funds. Is this wallet issue? No it's USER problem. Please stop clicking on links that are not secure, and stop connecting your wallet on a website that you are not sure of, to prevent giving out your wallet phrase
Jump to: