Bitcoin Forum

https://talkimg.com/images/2024/07/28/4enSG.png

https://www.wublock123.com/index.php?m=content&c=index&a=show&catid=10&id=29686

Why not add the link of the news? It is better to add the link because some people may prefer to read the news in full so that they can understand it better.

Advice:
Use a reputed wallet that is completely open source like Electrum, Sparrow and Bluewallet

Done. It doesn't look as if those wallets had issues. What I'm beginning to see is that there's always a loophole only if the hacker looks closely enough or if the owner is careless enough.

So long there aren't standard wallets, they will always have issues. And I will go with what @Charles-Tim said. Use only standard wallets to store your coins. All these social media were meant for entertainment and anything relating to funds or cryptocurrency should be avoided. They don't give you total control over them. It's just like a Centralized system, controlled by people. If you must use a wallet use the well known ones and store your keys in a place where you alone will know about and offline.

Not always. This is exactly one of the main reasons why we prefer open source wallet solutions. While no system is completely immune, open source allows for extensive scrutiny by the community, making it harder for vulnerabilities or exploits to hide.

Besides, this case has nothing to do with hacking. Adding a backdoor to wallet software with the intent of stealing user funds is clearly a criminal activity, but not hacking.

I wouldn't say that this is hacking or that the owners of those wallet was careless with their private keys. It was an intentional act by Zhank because he wanted to steal their funds that was why he made a back door to have access to people's private keys.

This is why open source wallets are the best wallets for storing bitcoin because it is open for all to look into the source code and improve the security. It is only a closed source wallet that a back door can be created unknown to the users. An open source wallet can not be compromised only if you expose your private keys or malware and Spyware attack your system unknown to you, because there is no back door.

Now from this news it shows that most of the hack and security bridging are from internal worker or staff who happens to have all details at their end side making it too vulnerable to steal people's information and personal savings in the exchange.
There should be a better way of choosing a staff maybe they should have a complains form to fill if they violate any of these rules either by stealing funds or revealing someone else information they should pay for it. Note: this is another case that could you (us) not to leave our funds in centralized exchange where we don't have access to our private keys.

Yeah, its getting pretty obvious that people are the weakest link when it comes to securing these exchanges.  The people running them have millions of dollars worth of other people's money on their hands and  you would think they would all go through some hardcore screening - personality tests, background checks, lie detectors... the works.  Just one sketchy dude can sink everything.

But even if you lock it all down, the exchanges themselves make too nice a target.  Essentially massive online vaults begging to get cracked.  Keeping your own keys is the only real protection.

The best way to have enough security is to have a low profile because if you become a target of hackers they will find a way to access to your coins, there are a lot of ways to do this with some advanced tools or even with social engineer. So, while you are not a target you can feel in the safe zone.

And security is not only about Bitcoin, is important to have good security practices in life, like not having the same password on different services, or using complex passwords with special chars, upper case letters and numbers.

Your topic title suggests that there's always a loophole regardless of how careful one is, but that's not the case here. The wallet was already flawed from the get go, so storing your bitcoins there puts you at a huge risk and means they are not YOUR bitcoins anymore.
If not this employee someone else could have attempted this and maybe someone has at a lower scale done so successfully.

Use non-custodian wallets which doesn't access your keys so can't create backdoors and make sure the wallet is open source.

Checking the wallet you are using is what makes your assets safe and there will be no loophole if it's open source. This is why many experts recommend people to use open source walletd rather than the closed source wallet providers.

I think it's not custodial wallet since there are private keys that are accessed by those people so it is more likely a wallet provider that isn't open source.

Generate your keys using a trustworthy open-source tool on a safe air-gapped device, never let your private keys connect to the internet and your wallet will be completely safe.
It's not that hackers will definitely find a way to access your wallet. If that was true, all users who hold big fund would have been hacked and bitcoin would have failed.

Yeah, it was non-custodial and huobi's actually --"iToken (the original Huobi wallet)"

I noticed there has been a rise of CEXs making their own non-custodial wallet as well and promotions are launched as well to get more people to install it. Let this be a reminder not to as they are closed source. Don't give in to promotions lol.

Good thing the police were able to caught the perps before they use the drained funds. Perps were being careful and wanted to wait for 2 years before they use it so victims are likely to get their money back.

Although we're not exactly talking about their custodial exchange service. This also says a lot about how malicious people can always linger around CEXs so let's not use them as a storage.