The mistake I see so many people make with local wallets

QuickAccount

member

Activity: 189

Merit: 52

In a world of coins, use them.

Quote from: Maus0728 on February 25, 2022, 07:22:48 AM

Quote from: QuickAccount on February 24, 2022, 03:18:50 PM

A good amount of the people I know that use Exodus on their PC download untrustworthy and cracked programs. These people are holding hundreds, sometimes thousands of dollars worth of coin on the same device they are downloading cracked programs and shady things on.

The only solution I can think of is to slowly educate them about the basics and how they can imrpove their security hygiene. Nowadays, lots of people are losing a handsome amount of money due to poor InfoSec. You can perhaps, provide them a beginner friendly resources like the ones below..

- The dos and don'ts of Bitcoin key management
- Bitcoin for Beginners Playlist: Intro to Bitcoin, Satoshi, Security, Mining and More

I just hope that those friends of your will not experience an expensive lesson!

I believe that this would be the best approach. I'll try to write a guide soon on how to keep your Bitcoin and Alt coins safe when starting out. Its hard to recommend people an article from a crypto website about keeping their wallet safe due to the article somehow leading to trying to sell the reader something most of the time such as the parent company's or sponsored company's hardware or software wallet.

Maus0728

legendary

Activity: 1904

Merit: 1563

Bitcoin Casino Est. 2013

Quote from: QuickAccount on February 24, 2022, 03:18:50 PM

A good amount of the people I know that use Exodus on their PC download untrustworthy and cracked programs. These people are holding hundreds, sometimes thousands of dollars worth of coin on the same device they are downloading cracked programs and shady things on.

The only solution I can think of is to slowly educate them about the basics and how they can imrpove their security hygiene. Nowadays, lots of people are losing a handsome amount of money due to poor InfoSec. You can perhaps, provide them a beginner friendly resources like the ones below..

- The dos and don'ts of Bitcoin key management
- Bitcoin for Beginners Playlist: Intro to Bitcoin, Satoshi, Security, Mining and More

I just hope that those friends of your will not experience an expensive lesson!

Questat

hero member

Activity: 2800

Merit: 603

Quote from: QuickAccount on February 24, 2022, 03:18:50 PM

Hey!

I have been getting some beginners into crypto outside of the forum for a bit. Mostly just people from the other communities i'm a part of asking how to buy and hold bitcoin or some other coin. Most of them used Exodus Wallet on their PC, which is fine but it leaves the door open for your wallet getting stolen if you don't know what you're doing. A good amount of the people I know that use Exodus on their PC download untrustworthy and cracked programs. These people are holding hundreds, sometimes thousands of dollars worth of coin on the same device they are downloading cracked programs and shady things on. These beginners need to understand that a crypto wallet doesn't work like a bank. If you get your key stolen your out of luck, no one has your back when your keys get stolen.

They aren't yet experiencing getting hacked that is why they still using it and perhaps, never mind it. Most of the time we think it was right and we don't even think about it until it comes and then ask another way to secure our funds and what wallet is ideal.
I'm not sure how you responded after hearing those things and I assume that you give them a piece of advice rather than leaving them having such trust to exodus wallet.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

If someone has no choice in terms of using crypto wallets in a secure environment, then I would advise backing up and replacing the hot wallet with a watch-only wallet that still allows you to have insight into your transactions and balances, but no one can hack and steal coins. This is especially recommended for those who intend to keep their coins for the long term and occasionally increase their stock.

Of course, before that, we need to check if we have the correct backup, and this is best done by copying the generated addresses from the wallet, deleting it, then doing recovery with seed, and checking if the wallet has generated identical addresses.

This is an example for Electrum, but as far as I know, Exodus does not support this option - but it is possible to track each coin address through its block explorer or through one of the apps that allow you to track your crypto portfolio.

Accardo

hero member

Activity: 1078

Merit: 509

Leading Crypto Sports Betting & Casino Platform

It's a huge development here and many people are victims of this clipboard malware attack used by scammers to phish money into their wallet. And the attack can be successful without downloading cracked apps even, some pix editing apps can be vulnerable to the attack. The best thing to do is to cross check the address they want to send money into before sending and also search their phones if they are apps they don't use anymore and uninstall it. Because the clipboard malware can easily take permission from such apps without being suspicious.

Coin_trader

copper member

Activity: 2758

Merit: 1163

Leading Crypto Sports Betting & Casino Platform

Quote from: mk4 on February 24, 2022, 11:26:32 PM

A lot of people indeed think that they can just contact customer support and retrieve their funds once stolen. Unfortunately, people have been to spoiled and used to the just-let-customer-support-retrieve-it security model, that a lot of people will learn the hard way when it comes to crypto.

This is true and actually my previous ideology until I experience it first hand. I thought I can easily retrieve funds since the company has a license to operate since I'm protected by the law but when I experience lock of my funds, They delay the action to resolve my issue for almost a year of waiting. I have no choice and just wait for them to send me a reply back to my email. In the end I need to go to there main office and submit all the documents they required before they release my funds.

After that, I never used local wallet ever again for storing funds. I just use it on buying prepaid load and paying bills for cashback.

nullama

hero member

Activity: 980

Merit: 957

And attacks are getting harder to notice these days, you need to be extra careful.

For example, this guy used Electrum in an infected computer, and the malware changed the address from the clipboard:

Quote

Original address: bc1q5dwnx98y9zhgyvmuc5le6754jgt39vkyt0j7z5
Swapped address: bc1q5dqphunld7pj8nvgux9xdsqagsrxgf0h3t0fu7

bc1 is always there for newer addresses, but the next three characters were created to match the original address, basically a vanity address.

Always double check the address you're sending money to.

mk4

legendary

Activity: 2716

Merit: 3817

Paldo.io 🤖

A lot of people indeed think that they can just contact customer support and retrieve their funds once stolen. Unfortunately, people have been to spoiled and used to the just-let-customer-support-retrieve-it security model, that a lot of people will learn the hard way when it comes to crypto.

jrrsparkles

sr. member

Activity: 2380

Merit: 251

Eloncoin.org - Mars, here we come!

First of all we should never download any softwares apart from the official website, importantly the cracked and unlocked softwares which has chances of containing malware and Trojans.

Secondly you should use better wallet, for Bitcoin Electrum is a lot better on PC as well and you can create airgapped wallet if you have any other PC of Android and never let the device to be connected on internet.

Darker45

legendary

Activity: 2576

Merit: 1860

🙏🏼Padayon...🙏

Since you are the one who guided them into crypto, perhaps you could also guide them to understand security in crypto. Especially those who are holding thousands of dollars in their Exodus wallet, I guess you should encourage them to spend a little more on a hardware wallet. I think they could already get either a Trezor or a Ledger with just around $60. That's a small amount to pay for high security. With Bitcoin, a wallet doesn't work like a bank because the owner plays the role of a bank.

boyptc

hero member

Activity: 2982

Merit: 678

★Bitvest.io★ Play Plinko or Invest!

Just advise them if they have a separate device, use it as their wallet. I wouldn't do that if I'm them, if they're into downloading cracked software, they shouldn't place their wallet there.

They're totally at risk of losing their fund.

It may sound easy but it's really risky and worrying. Tell them, don't wait until something bad happens to their wallet or pc because they've known it from the start that they've got unlicensed software.

Welsh

staff

Activity: 3248

Merit: 4110

Quote from: QuickAccount on February 24, 2022, 05:52:28 PM

I agree with this, the second most asked question I get from people who are trying to setup a wallet is something along the lines of "Can't I just download bitcoin on my phone?" which is a tricky question because the answer is yes, but the smart answer and choice is no.

My answer to this question is usually, yeah it's possible, but isn't recommended especially if the device you intend on using for it, is your daily driver. I for one can't recommend anyone to use a device whether that's a phone or a computer that they use for anything else which requires connecting to the internet. The exception is Qubes due to the way it's designed, although physical isolation is safer since there could be undiscovered issues in Qubes. Physical isolation you can always be somewhat sure that your safe from most common attacks or mistakes.

Quote from: kaya11 on February 24, 2022, 06:33:16 PM

This happens a lot in some places where I reside, you can't blame the users of cracked apps, they are free and open to use by anyone. Me my self and some of my friends are using it, the OS of my PC is a cracked version too. Only I update it most of the time and all security aspects are on.

For me, when it comes to security there shouldn't be any compromise, unless its a rational one i.e not setting your password to 100 characters long because you'll never be able to remember it. Using a cracked operating system when there are arguably more secure operating systems out there that are free, seems like negligence to me. Obviously, everyone has different threat models, but personally being responsible for your own money, you need to take every rational precaution that you can.

kaya11

full member

Activity: 1302

Merit: 110

Quote from: QuickAccount on February 24, 2022, 03:18:50 PM

Hey!

I have been getting some beginners into crypto outside of the forum for a bit. Mostly just people from the other communities i'm a part of asking how to buy and hold bitcoin or some other coin. Most of them used Exodus Wallet on their PC, which is fine but it leaves the door open for your wallet getting stolen if you don't know what you're doing. A good amount of the people I know that use Exodus on their PC download untrustworthy and cracked programs. These people are holding hundreds, sometimes thousands of dollars worth of coin on the same device they are downloading cracked programs and shady things on. These beginners need to understand that a crypto wallet doesn't work like a bank. If you get your key stolen your out of luck, no one has your back when your keys get stolen.

This happens a lot in some places where I reside, you can't blame the users of cracked apps, they are free and open to use by anyone. Me my self and some of my friends are using it, the OS of my PC is a cracked version too. Only I update it most of the time and all security aspects are on. Nevertheless it gave me no problem at all. For assurance I never download and wallets on it, only using my phone to but in case there could be possible attacks, since I am logging on some exchange, I use 2fa and other securing methods for my funds to be safe. I was also a victim of a phishing site the year 2017 so basically I am aware of the things that might hijack my PC and taking more extra precautions.

QuickAccount

member

Activity: 189

Merit: 52

In a world of coins, use them.

Quote from: Welsh on February 24, 2022, 05:40:58 PM

Isolation is always the best policy, wherever possible physical isolation should be the approach, however if that isn't possible at the very least virtual isolation via a operating system like Qubes OS. However, I think one of the more common issues with wallets aren't local wallets, but signing up for a non custodial wallet like Blockchain because of how easy, and convenient it's. However, from my observations with anything to do with security, regardless of whether that's Bitcoin or not is, whenever something is convenient, it's almost always systematically more insecure than the less in convenient way.

I agree with this, the second most asked question I get from people who are trying to setup a wallet is something along the lines of "Can't I just download bitcoin on my phone?" which is a tricky question because the answer is yes, but the smart answer and choice is no.

Welsh

staff

Activity: 3248

Merit: 4110

Isolation is always the best policy, wherever possible physical isolation should be the approach, however if that isn't possible at the very least virtual isolation via a operating system like Qubes OS. However, I think one of the more common issues with wallets aren't local wallets, but signing up for a non custodial wallet like Blockchain because of how easy, and convenient it's. However, from my observations with anything to do with security, regardless of whether that's Bitcoin or not is, whenever something is convenient, it's almost always systematically more insecure than the less in convenient way.

QuickAccount

member

Activity: 189

Merit: 52

In a world of coins, use them.

Hey!

I have been getting some beginners into crypto outside of the forum for a bit. Mostly just people from the other communities i'm a part of asking how to buy and hold bitcoin or some other coin. Most of them used Exodus Wallet on their PC, which is fine but it leaves the door open for your wallet getting stolen if you don't know what you're doing. A good amount of the people I know that use Exodus on their PC download untrustworthy and cracked programs. These people are holding hundreds, sometimes thousands of dollars worth of coin on the same device they are downloading cracked programs and shady things on. These beginners need to understand that a crypto wallet doesn't work like a bank. If you get your key stolen your out of luck, no one has your back when your keys get stolen.

Topic: The mistake I see so many people make with local wallets (Read 236 times)