Bitcoin recently went parabolic, as the cryptocurrency recently hit a new all-time high above $16,300, and its market cap is now above $274 billion. Even if you only own altcoins, the cryptocurrency ecosystem’s market cap is already above $420 billion, so chances are your money may soon be targeted by hackers trying to get in on the cryptocurrency craze. To help you keep attackers at bay, we decided to give you a few tips on how to keep your cryptocurrencies safe.
1. Use a paper/hardware wallet
It’s important to first and foremost understand that a person with access to a wallet’s private keys has access to the money in it, regardless of who put it there. Taking that into account, most cryptocurrency enthusiasts who take security seriously use paper and/or hardware wallets to keep their cryptocurrencies safe.
The advantage these wallets bring to the table is that the key is on the device or the piece of paper, not your computer, and as such isn’t vulnerable to phishing or malware attacks. These, however, need to be kept safe and be properly backed up as hardware devices and pieces of paper can get damaged. The important thing is that you keep your private keys to yourself.
2. Avoid keeping your money on exchanges
Those who don’t want to deal with the responsibility of keeping their private keys safe at all times can still deposit their money on cryptocurrency exchanges and keep it there. Data leaks, malware attacks, and phishing scams can trick you into giving away your login credentials, so it’s important to know how to avoid these.
Moreover, exchanges themselves can fail. Back in 2014, bitcoin’s price crashed as the biggest cryptocurrency exchange at the time, Mt Gox, suddenly closed and claimed to have been hacked. At the time, about 800,000 BTC – now worth over $13 billion – went missing. 220,000 BTC were later found but are still being held by a trustee, as the company’s insolvency goes through Japan’s legal system.
If you truly must keep your money on an exchange, go for Coinbase, Bitstamp, or any other regulated exchange that keeps most of its funds in cold storage. Keep in mind the money is still on their hands, not yours.
3. Never reveal how much you have
Another important security tip to keep in mind is to never reveal how much you have. Cryptocurrencies are all about privacy and owning your own money. There are countless stories of people who boasted of becoming millionaires thanks to cryptocurrencies on Reddit and bitcoin-related forums, only to then get hacked and lose it all. When you reveal how much you have, you essentially put a target on your back that’ll motivate bad actors to get to your private keys and test your security systems. Avoid that, stay anonymous, and stay safe.
4. Use two-factor authentication
Various users see two-factor authentication (2FA) as a burden, as they have to both enter their passwords and then confirm they’re entering either through their phones or email accounts. Truth is, 2FA ensures safety, and should be used with the Authy or the Google Authenticator app – not through SMS. The problem with SMS 2FA is that, through social engineering, hackers can get access to your text messages and use that access to compromise your account.
There are numerous stories out there where users got compromised using SMS 2FA. A blog post by Cody Brown, a victim, reveals that he helplessly watched as 1.18 BTC, 70.96 LTC, and 16.03 ETH were taken from his account by a hacker who socially engineered Verizon. Losses totaled over $8,000 loss at the time, and over $32,000 at today’s rates.
5. Use anti-malware software
It’s important to use anti-malware software such as Malwarebytes to make sure your computer hasn’t been compromised. Keylogging malware can easily steal passwords you type while logging into your accounts and send them to the hacker. Recently a specific cryptocurrency targeting-malware dubbed “CryptoShuffler” took control of victims’ clipboards to change copied addresses to those that belonged to the hacker. CryptoShuffler netted its creators over $370,000, and could easily be removed with simple anti-malware software.
6. Check your balances using block explorers
Last but not least: If you keep checking your wallet’s balance by entering it with your private keys, you are creating a vulnerability that can be exploited. Even if you follow our advice and use anti-malware software, if something gets past it and manages to steal your private keys, someone else can access your wallet and move the funds to a wallet you have no control over.