With the continued growth of cybercrime and more frequent hacking of PCs, tablets and mobile devices, the question is not whether you will be hacked, but when. Therefore, better safe than sorry, make sure your crypto assets are safe even if your device is jailbroken by following these tips.
# 1 Keep Your Cryptocurrency Wealth A Secret
Anonymity is your best ally. If you do not own cryptocurrency, you are likely to be of less interest to scammers who specialize in stealing cryptoassets. Telling everyone openly that you own cryptocurrency increases your chances of being targeted by targeted phishing attacks. Unlike regular phishing attacks, spear phishing is a technique that involves obtaining personal information about the intended target and embedding malware in a personal message, even in PDF, photo or GIF format, or from a trusted source that is easier to hack. It could even be a physical attack on your device.
So don’t brag about how rich you are in cryptocurrencies. People don’t need to know how many tokens you have and where you store them.
# 2 Keep mnemonics and private keys on paper
Remember that any digital device you use can be hacked, and probably will at some point, so never store your private keys digitally. Even encryption is insecure if your device is jailbroken. Your screen and keyboard can be cloned and displayed. When this happens, one glance at your mnemonic will give the fraudster access to your wallet.
Your best bet is to make a paper copy split in two and hide multiple copies in different places and with people you trust. As gifted as they are, criminals cannot access paper copies! Except, of course, physical theft, but that’s a different situation. It is recommended that you check these areas at least twice a year to make sure your mnemonic is still readable – ink does not tarnish and paper does not deteriorate.
# 3 Store most of your cryptoassets in a cold wallet
Hot storage wallets make life easier in day to day use, but wallets like Metamask, which use passwords as the only layer of security, have been hit by several successful attacks lately, so it’s best to keep limited amounts there and keep most of your coins in a cold wallet. such as Ledger or Trezor. This minimizes risks. 2key and Metamask wallets can work together with Ledger or Trezor cold wallets.
# 4 Use 2FA
2FA increases digital security 1000 times and protects against hackers. Of the 2FA services, SMS is the least effective as SIM interception is enough to get around it, so always go for the Google or Microsoft Authenticator options that generate a time-limited one-time code.
Yes, it’s annoying to add one layer of manipulation to access the destination, but it greatly reduces the risk of mistakenly passing your credentials to a phishing site.
2FA should also be used to protect your non-cryptocurrency assets.
A popular hack method is to redirect your site or app access request to a cloned site or app and use it to steal your credentials. The secure 2FA settings also confirm that the device you use to access the app or site is owned or operated by you.
A popular authentication app, besides Google Authenticator, is Authy, which allows you to create a master password to recover all of your two-factor authentication after switching to a new phone.
# 5 Monitor your devices for signs of being tampered with
There are general warning signs of jailbreaking your device, common or different for computers, tablets, and phones, such as random downloads, random reboots, independent mouse movement, warning signs of jailbreaking from new devices to the products you use, and more. However, hidden spyware that aims to steal your information or display your activity can be invisible, so always assume that your device may have been jailbroken.
In the event of a suspected or confirmed hack to protect your cryptoassets NOT take any action from the jailbroken device. Use a secure device to open a new wallet and transfer your assets to that address. In any case, if you’ve followed recommendation # 3 above and kept most of your crypto assets in a cold wallet, the amount of crypto in a potentially compromised wallet should be minimal. Once you’ve safely transferred your crypto assets from a secured separate device, it’s time to take action to assess the damage on your infected device and take corrective action.
Warning: Hackers gaining access to one of your devices can use the collected information to access your other devices, such as a phone, tablet, watch or other device. Avoid using a connected device to transfer your crypto assets to a new wallet.
To summarize: anonymity, physical storage of private keys, cold wallet and two-factor authentication, and your crypto assets will be 99.99% safe even if your device is hacked!