How to protect your crypto from hackers

11 Security Secrets To Protect Your Crypto From Hackers

Cryptocurrency has become a popular investment over the years and more people are opening up to the idea of owning and trading cryptocurrencies. This has created a surge in the number of crypto-related security breaches, which has increased the incentive to protect your crypto investments.

11 Security Secrets To Protect Your Cryptocurrency From Hackers

  1. Don’t Use Email or SMS for 2FA
  2. Whitelist Your Crypto Addresses
  3. Use The Best Antivirus/Internet Security Software
  4. Use A No-Log VPN
  5. Lock Sensitive Apps
  6. Don’t Store Passwords Or Keys In Cloud Or Remotely
  7. Store Passwords And Keys In A Physical Safe
  8. Use The Most Secure Email Providers
  9. Use A Hard Or Soft Wallet
  10. Use Screen Lock On Your Phone
  11. Use A Private Blockchain-Based Browser

1. Don’t Use Email or SMS for 2FA

The reason not to use email for 2FA is the more obvious one: your email account can be hacked. Once it is, the attacker has access to your 2FA codes and to any confirmation emails needed to send your crypto to their wallet.

Many people think SMS is secure, but it’s not as safe as it seems. There are 3 main ways a hacker can gain access to your SMS 2FA code:

SIM Swap

What’s SIM swapping? SIM swapping is the process of transferring your phone number, either to another device or to another carrier. This gives the hacker complete access to all data associated with your phone number.

Sometimes all that’s needed for a SIM swap is your phone number and the last 4 digits of your Social Security Number (SIN in Canada).

Device Forwarding

If you forward your text messages to another device, such as a tablet or laptop, all the hacker needs is access to that device.

So, if you lose your tablet, whoever is in possession of it will have access to all your forwarded messages.

SS7 Attack

SS7 (Signaling System No. 7) is a signaling protocol that is used to establish and maintain a communication session. It was designed to support the exchange of services between mobile and fixed networks. The biggest danger of the SS7 protocol is that its weaknesses can be exploited.

By exploiting SS7 vulnerabilities, an attacker can execute a denial of service attack, exfiltrate sensitive data, or even hijack a communication session.

What to use instead?

An authenticator app. There are a couple of main options for this:

  1. Authy
  2. Google Authenticator

I have a personal lack of trust bias against Google and therefore I use Authy as my authenticator app. It’s worked flawlessly.

2. Whitelist Your Crypto Addresses

Whitelisting restricts your account so that you can only send crypto to authorized addresses. Not every app has this feature, but if yours does, you can typically find the option in the security settings.

For example, I have to manually add whitelisted addresses in my Nexo account.

Nexo also has an option to place a wait period on that address of 24, 48 or 72 hrs, meaning the newly added address cannot be used for that designated period of time.

This is different from my Crypto.com account, as they automatically whitelist new addresses with a waiting period of 24 hours.

Here’s what my Crypto.com whitelisted addresses look like:

[Screenshot: Crypto.com whitelist]

Why do both Nexo and Crypto.com have waiting periods on new addresses?

If someone hacks my account and adds an address, I’ll receive an email notification that I’ve added a new address (which I didn’t). I can then take steps to protect my crypto before the 24 hour wait period is over and they wipe me clean.
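The waiting-period logic described above, written out as an added example (a hypothetical model, not Nexo's or Crypto.com's code): a new address triggers an alert and cannot receive withdrawals until its wait period has elapsed, which gives the owner time to remove it. The class, addresses and timestamps are constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

HOUR = timedelta(hours=1)
T0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed sample time

@dataclass
class WithdrawalAllowlist:
    """Hypothetical exchange-side address whitelist with a waiting period."""
    cooldown_hours: int = 24
    entries: dict = field(default_factory=dict)  # address -> time added
    alerts: list = field(default_factory=list)   # stand-in for notification emails

    def __post_init__(self):
        if self.cooldown_hours not in (24, 48, 72):  # options named in the article
            raise ValueError("cooldown must be 24, 48 or 72 hours")

    def add_address(self, address, now):
        # Re-adding a known address must not restart or shorten its clock.
        if address not in self.entries:
            self.entries[address] = now
            self.alerts.append(f"New withdrawal address {address} added at {now.isoformat()}")

    def remove_address(self, address):
        # What the owner does after an alert for an address they did not add.
        self.entries.pop(address, None)

    def check_withdrawal(self, address, now):
        """Return (allowed, reason) for a withdrawal request."""
        added = self.entries.get(address)
        if added is None:
            return False, "address not whitelisted"
        usable_at = added + self.cooldown_hours * HOUR
        if now < usable_at:
            return False, f"address in cool-down until {usable_at.isoformat()}"
        return True, "ok"

def demo():
    wl = WithdrawalAllowlist(cooldown_hours=24)
    wl.add_address("addr-owner-wallet", T0 - 30 * 24 * HOUR)  # long-standing entry
    wl.add_address("addr-unknown", T0)                        # added by an intruder
    results = [
        wl.check_withdrawal("addr-owner-wallet", T0),
        wl.check_withdrawal("addr-unknown", T0 + 23 * HOUR),
        wl.check_withdrawal("addr-never-added", T0),
    ]
    wl.remove_address("addr-unknown")  # owner reacts to the alert inside the window
    results.append(wl.check_withdrawal("addr-unknown", T0 + 25 * HOUR))
    return wl, results
```

The protection only works if the alert reaches a mailbox the intruder does not also control, and if removing an address is not itself delayed.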

3. Use The Best Antivirus/Internet Security Software

I’m a Windows guy and their built-in antivirus is rated well based on my research. It seems to meet the average person’s basic needs.

But since we’re dealing with our investments here, I only advocate for the best security money can buy.

Recommended security suites:

Bitdefender

Kaspersky

I decided to go with Bitdefender and haven’t looked back since.

Bitdefender is rated #1 as the best antivirus on popular tech sites like PCMag and TechRadar, with evidence to back up their decisions.

It’s not resource heavy and doesn’t slow down my devices one bit.

4. Use A No-Log VPN

A VPN is a Virtual Private Network that is used to mask or hide your real IP address, and can be used to get around firewalls set up in your home or workplace, and access the internet without restrictions.

A no-log VPN is a VPN that does not keep any logs of your activity, including your IP address. This means that any website you visit, any emails you send and any downloads you make will not be stored on the VPN’s servers.

How does a VPN help protect you from hackers?

For example, a hacker might use your IP address to try to access your computer or phone and steal your personal information. VPNs help to encrypt your data and ensure that it cannot be accessed by anyone other than you. They also help to protect your internet connection from hackers and let you reach geo-restricted content.

I went with Bitdefender’s VPN since I was already using their complete security suite and was happy with the product. It may be cheap, however, it does lag, freeze and disconnect at times. It’s also not exactly the fastest VPN out there, but it’s probably the best in its price range.

Keep in mind when it comes to choosing a VPN, you typically get what you pay for in terms of speed.

Here are some recommended no-log VPN options:

Company            Price (based on 1yr sub)
Bitdefender VPN    $1.99/month
Ivacy VPN          $3.99/month
Cyberghost VPN     $4.29/month
Nord VPN           $4.99/month

5. Lock Sensitive Apps

This allows you to lock any app that may contain sensitive information by way of a PIN or fingerprint unlock.

This adds an extra layer of protection to the 2FA built into your crypto apps.

Here’s the backend of my Bitdefender App Lock:

[Screenshot: Bitdefender App Lock]

Most antivirus and security software have this feature built in.

6. Don’t Store Passwords Or Keys In Cloud Or Remotely

When I read through the horror stories on Reddit of people whose crypto got hacked, the most common mistake people seem to make is storing their passwords or keys in the cloud or email.

Why is this not safe?

If your email or cloud account ever gets hacked, the attacker now has backdoor access to your crypto.

If your email and password ever get leaked online through security breaches, you’re done.

7. Store Passwords And Keys In A Physical Safe

This adds to the points above. Write down all your passwords, seed phrases and keys and store them in a safe. If you can afford it, get a fireproof safe.

If you lose access to your crypto wallet for whatever reason and you don’t have your seed phrase to restore your account, your crypto is as good as gone.

You are your own bank, secure your assets like one.

8. Use The Most Secure Email Providers

You may be wondering, “What? You mean Gmail and Outlook aren’t safe?” The short answer is no, not to protect your crypto.

Why isn’t Gmail safe? The emails aren’t encrypted. Therefore, if the emails ever get intercepted, they can be read clear as day. Encryption equals privacy.

It’s not open source. Meaning, the security of the code cannot be verified by security experts.

You aren’t anonymous. Commercial email providers such as Gmail and Outlook know everything about you: name, address, age, where you live. Heck, they even know your favourite TV shows.

What to look for in a secure email provider?

  • Encryption
  • Open source code
  • Anonymity

Recommended secure email providers:

ProtonMail

Tutanota

9. Use A Hard Or Soft Wallet

Storing your crypto in a hard or soft wallet gives you sole ownership over your crypto compared to keeping it on an exchange.

Soft and hard wallets are both decentralized, giving you full ownership of your crypto. This is not the case with exchanges as they are centralized.

What’s the difference between a soft and hard wallet?

Soft Wallet

A crypto soft wallet is a software program that stores your private keys, allowing you to sign transactions and initiate the transfer of assets. They typically use a private key that enables you to control your funds and store them securely.

In addition, a software wallet is more convenient because it is easy to access and use: all you need is internet access, as opposed to carrying around a physical device.

However, software wallets can be vulnerable to viruses, keyloggers, and malware. Therefore, it is important to keep your software wallet updated and monitored.

Recommended soft wallet:

Hard Wallet

A crypto hard wallet is a hardware device that allows you to transfer your crypto onto it and store it offline. This makes it safer from hackers than a soft wallet.

The downside to using a hard wallet is that if you were to ever lose it, you will lose all your crypto.

It’s extremely important that it is stored in a fireproof safe for protection.

Recommended hard wallets:

Ledger

Trezor

10. Use Screen Lock

11. Use A Private Blockchain-Based Browser

A blockchain-based browser is a browser that uses the blockchain to help keep your private data safe. This is done by encrypting your data, so that nobody can access it without your permission. Therefore, you are in control of your privacy.

All the data that you share with your browser is encrypted and can’t be read by anyone without your permission.

Some main benefits of a blockchain-based browser are that they are faster, more secure, and more private than traditional browsers.

A blockchain-based browser is different from a regular browser because it’s based on a blockchain. Blockchain technology is a decentralized, distributed, and encrypted digital ledger that is used to create a record of transactions which cannot be altered once recorded.

What are the best blockchain-based browsers?

If you want more info, I talk a bit about the following two blockchain-based browsers in the post.

Brave

Opera
