mikeywith (OP)
Legendary
Offline
Activity: 2408
Merit: 6618
be constructive or S.T.F.U
|
Most of you heard of the DNS attack which targeted Myetherwallet (MEW) web wallet users. tons of coins were stolen that day ( 6 days ago).
I can not stress on how important it is to use a hardware or at least an offline wallet to store your crypto ,but should you INSIST on using web based wallet keep in mind that you are only a few steps far from being compromised.
there are a few ways hackers can steal your coins, one of the most obvious is a DNS attack, therefore you should avoid using public - known DNS servers such as Google, OpenDns Home , etc ...
1- Always use your ISP DNS server, even though it is probably technically less secured than say Google DNS server but the fact that it is not used by so many users and mostly unknown, it stays far from the hacker's targets.
2- Always make sure that you are using a secure connection, using chrome for an example, you have to see a green lock next to the url your browsing, click on secure and check the validity of the certificate.
3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.
4-use multiple wallets, remember the old saying about eggs and basket ! it is still valid.
--------------------------------------------------------------
**Pay to secure your money, as you already know, nothing is free in life, just like you pay to ensure your car , house and health you have to pay to secure your fundings, hardware wallets are really cheap ! spend a little on one !
**Avoid storing your funds on exchanges , exchanges are hackers no1 target. every couple of months you will most likely hear about an exchange being compromised, you do not want your coins to be there !
stay safe guys, this is the BILL you have to pay for owning crypto, you get 100% freedom + you take 100% responsibility of your fundings.
|
|
|
|
Welsh
Staff
Legendary
Offline
Activity: 3304
Merit: 4115
|
Use multiple wallets on different hardware. It's always good to have several offline wallets generated by different hardware and stored in different locations. (the private key that is) Private keys should also never be stored digitally for obvious reasons. Even if you must access your coins on a regular basis a hardware wallet is likely worth the initial investment as it prevents some of the common pitfalls.
My general advise for people wanting to exchange coins is only store your coins on the exchange just before he actually exchange them and then transfer them to an offline wallet as soon as possible if needed. If you are exchanging high amounts then it might be better to pay a little more in fees and exchange them in smaller chunks to prevent losing all if a exchange was compromised whilst you were exchanging.
|
|
|
|
Lucius
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
May 01, 2018, 01:44:06 PM |
|
Most of you heard of the DNS attack which targeted Myetherwallet (MEW) web wallet users. tons of coins were stolen that day ( 6 days ago).
I can not stress on how important it is to use a hardware or at least an offline wallet to store your crypto ,but should you INSIST on using web based wallet keep in mind that you are only a few steps far from being compromised.
there are a few ways hackers can steal your coins, one of the most obvious is a DNS attack, therefore you should avoid using public - known DNS servers such as Google, OpenDns Home , etc ...
1- Always use your ISP DNS server, even though it is probably technically less secured than say Google DNS server but the fact that it is not used by so many users and mostly unknown, it stays far from the hacker's targets.
2- Always make sure that you are using a secure connection, using chrome for an example, you have to see a green lock next to the url your browsing, click on secure and check the validity of the certificate.
3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.
4-use multiple wallets, remember the old saying about eggs and basket ! it is still valid.
--------------------------------------------------------------
**Pay to secure your money, as you already know, nothing is free in life, just like you pay to ensure your car , house and health you have to pay to secure your fundings, hardware wallets are really cheap ! spend a little on one !
**Avoid storing your funds on exchanges , exchanges are hackers no1 target. every couple of months you will most likely hear about an exchange being compromised, you do not want your coins to be there !
stay safe guys, this is the BILL you have to pay for owning crypto, you get 100% freedom + you take 100% responsibility of your fundings.
That DNS attack is just another proof that hackers are working to find new ways how to hack online wallets,which means they are becoming unfortunately less safe and therefore less secure.Users do not pay attention whether page is genuine or is it have SSL,and when it comes to cryptocurrency you can lose everything in blinking of a eye. Regarding virtual keyboards,there is option in Windows for that, but opinions are divided can that protect us from keyloggers or not. As you suggest it is best to invest some money(around 100 $,maybe more)to buy hardware wallet,and also to spend some time on personal education.IT security is very important for anyone who wants to deal with cryptocurrency.
|
|
|
|
hugeblack
Legendary
Offline
Activity: 2688
Merit: 3971
|
|
May 01, 2018, 03:04:59 PM |
|
I didn't follow the technical news on the previous days, so I do not know of what happened with Myetherwallet wallet. As a result of the increase in the prices of these currencies, there has been a lot of news that talk about such attacks, so I do not find the traditional protection methods will withstand for a long time. So I prefer a paper wallet with public address(use any block explorer to check your balance) + mixing services (for privacy).
move your post to Beginners & Help
|
|
|
|
mikeywith (OP)
Legendary
Offline
Activity: 2408
Merit: 6618
be constructive or S.T.F.U
|
|
May 01, 2018, 03:26:18 PM |
|
Most of you heard of the DNS attack which targeted Myetherwallet (MEW) web wallet users. tons of coins were stolen that day ( 6 days ago).
I can not stress on how important it is to use a hardware or at least an offline wallet to store your crypto ,but should you INSIST on using web based wallet keep in mind that you are only a few steps far from being compromised.
there are a few ways hackers can steal your coins, one of the most obvious is a DNS attack, therefore you should avoid using public - known DNS servers such as Google, OpenDns Home , etc ...
1- Always use your ISP DNS server, even though it is probably technically less secured than say Google DNS server but the fact that it is not used by so many users and mostly unknown, it stays far from the hacker's targets.
2- Always make sure that you are using a secure connection, using chrome for an example, you have to see a green lock next to the url your browsing, click on secure and check the validity of the certificate.
3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.
4-use multiple wallets, remember the old saying about eggs and basket ! it is still valid.
--------------------------------------------------------------
**Pay to secure your money, as you already know, nothing is free in life, just like you pay to ensure your car , house and health you have to pay to secure your fundings, hardware wallets are really cheap ! spend a little on one !
**Avoid storing your funds on exchanges , exchanges are hackers no1 target. every couple of months you will most likely hear about an exchange being compromised, you do not want your coins to be there !
stay safe guys, this is the BILL you have to pay for owning crypto, you get 100% freedom + you take 100% responsibility of your fundings.
Regarding virtual keyboards,there is option in Windows for that, but opinions are divided can that protect us from keyloggers or not. from a programmer point of view i can confirm that Windows Virtual keyboard is really easy to log. in fact even Kasper's virtual keyboard is hack-able but it should be something harder to do for an average programmer like me. so just as you said, the best thing is hardware wallet, all these other stuff are just a little extra security tips, like someone with only a knife in hand during WW2. can't really fight but might just get lucky
|
|
|
|
mikeywith (OP)
Legendary
Offline
Activity: 2408
Merit: 6618
be constructive or S.T.F.U
|
I didn't follow the technical news on the previous days, so I do not know of what happened with Myetherwallet wallet. As a result of the increase in the prices of these currencies, there has been a lot of news that talk about such attacks, so I do not find the traditional protection methods will withstand for a long time. So I prefer a paper wallet with public address(use any block explorer to check your balance) + mixing services (for privacy).
move your post to Beginners & Helppaper wallet is safe until you decide to move your coins, if you use a compromised pc to do so then you are doomed ! paper wallet is for sure much more secured than online wallets but still a hardware wallet is much more secure.
|
|
|
|
exalterego
Newbie
Offline
Activity: 99
Merit: 0
|
|
May 04, 2018, 09:18:22 PM |
|
3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.
--------------------------------------------------------------
Kaspersky lab has proven to be the source of viruses, so I personally would not recommend this very software. Try using some other virtual keyboards, especially if you are using an Android-based wallet - this would ensure the security of your funds.
|
|
|
|
paul gatt
|
|
May 04, 2018, 10:12:46 PM |
|
Right! If we use public DNS servers, it is very easy to steal passwords and information. This will reveal the secrets of your trading. And maybe your money is stolen quickly. To invest in bitcoin use a dedicated computer for bitcoin safety.
|
|
|
|
twistedvape
Newbie
Offline
Activity: 16
Merit: 0
|
|
May 04, 2018, 10:19:43 PM |
|
I prefer to use the offline wallet and store the private keys data on hdd. Because I think it's safer.
|
|
|
|
9jaflick
|
|
May 04, 2018, 10:47:52 PM |
|
as advised, always protect your browser before accessing anything website that you store your funds in, Kaspersky antivirus is a good one. and secondly be self-conscious, don't store all your funds on one wallet, split it to different wallets. I have more than 7 wallets. if a hacker mistakenly gains access to your wallet, you will still be left with something because you didn't store all your coin in one particular wallet.
|
|
|
|
Welsh
Staff
Legendary
Offline
Activity: 3304
Merit: 4115
|
|
May 04, 2018, 10:54:44 PM |
|
Right! If we use public DNS servers, it is very easy to steal passwords and information. This will reveal the secrets of your trading. And maybe your money is stolen quickly. To invest in bitcoin use a dedicated computer for bitcoin safety.
It's worth noting that if you are using any DNS sever then you should trust the source. So if you don't trust your ISP then you probably shouldn't use their DNS sever. as advised, always protect your browser before accessing anything website that you store your funds in, Kaspersky antivirus is a good one. and secondly be self-conscious, don't store all your funds on one wallet, split it to different wallets. I have more than 7 wallets. if a hacker mistakenly gains access to your wallet, you will still be left with something because you didn't store all your coin in one particular wallet.
I swear by extensions such as noscript suite which prevent's javascript and other things from running automatically. It's probably better protection that an anti virus, although can also be used in combination with anti virus software.
|
|
|
|
keycellko
|
|
May 04, 2018, 11:35:53 PM |
|
Yes, i was scared when that happened to myetherwallet, thinking that my tokens and eth were stolen along with it. I got relieved when i checked that its still intact. All my life savings was there. I agree that we need to invest to secure our money. A hard wallet or offline wallet is the most secure wallet. Im thinking,also, to buy another laptop and make it solely for my cryptoworks.
|
|
|
|
9jaflick
|
|
May 04, 2018, 11:43:29 PM |
|
as advised, always protect your browser before accessing anything website that you store your funds in, Kaspersky antivirus is a good one. and secondly be self-conscious, don't store all your funds on one wallet, split it to different wallets. I have more than 7 wallets. if a hacker mistakenly gains access to your wallet, you will still be left with something because you didn't store all your coin in one particular wallet.
I swear by extensions such as noscript suite which prevent's javascript and other things from running automatically. It's probably better protection that an anti virus, although can also be used in combination with anti virus software. honestly speaking i have not tried using an extension, maybe I will give it a try this time around, we learn every day
|
|
|
|
dimastegar
Sr. Member
Offline
Activity: 798
Merit: 251
Small Trader
|
|
May 04, 2018, 11:54:25 PM |
|
I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.
|
|
|
|
mikeywith (OP)
Legendary
Offline
Activity: 2408
Merit: 6618
be constructive or S.T.F.U
|
|
May 05, 2018, 09:47:28 PM |
|
I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.
using a VPN to transact doesn't mean anything, it could be safe as much as it could be less safe. there really isn't a tight risk ratio attached to using VPN. a DNS attack is not on MEW it self , it is on rout from your PC to the WEB WALLET. anywhere in between. i still insist on using hardware wallet for best security practice.
|
|
|
|
EthanB
|
|
May 05, 2018, 09:57:20 PM |
|
It sounds like the biggest concern is a public DNS server that is very commonly used. If you are able to find a public DNS server that is relatively unused would that then mitigate most of the concern for hacking through that route? I'm pretty new to all of this, but how is your ISP DNS anymore protected than a public DNS that is used equally as much?
|
|
|
|
andrew1carlssin
Jr. Member
Offline
Activity: 168
Merit: 3
#Please, read:Daniel Ellsberg,-The Doomsday *wk
|
|
May 05, 2018, 10:01:16 PM |
|
since we are at crypto forum ... I would bet some chips ... PKI and SSL certificates vulnerabilities ...
|
Satoshi's book editor; SCIpher - https://pdos.csail.mit.edu/archive/scigen/scipher.html
|
|
|
levvv
Member
Offline
Activity: 532
Merit: 17
|
|
May 06, 2018, 11:48:02 AM |
|
Yeah it is risky if you use public dns. what i wonder is why google dns can be hijacked. for me, using myetherwallet alone is not secure to operate. just use metamask or other secure wallet.
|
|
|
|
carrie_white
|
|
May 06, 2018, 01:09:10 PM |
|
wow, thanks for the information, I even found out if using google DNS is very dangerous, I used to use it to stabilize my modem connection, and now I will never again do, thanks again for the information
|
|
|
|
dollarneed
|
|
May 06, 2018, 01:44:36 PM |
|
I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.
I'm using a VPN too, is this safe enough?? (I'm not a tech savvy so i don't have any idea about this) Well, this makes me scared but thanks God my tokens are still safe out there, to be honest I'm just worried about MEW wallet, not exchange since I have enabled 2fa factor though it's not completely safe and bad way storing your crypto out there. I swear by extensions such as noscript suite which prevent's javascript and other things from running automatically. It's probably better protection that an anti virus, although can also be used in combination with anti virus software.
How about installing extensions such as EAL or MetaMask or Cryptonite as MEW wallet suggested, is this safe enough? in order to protect us from the DNS attack.
|
|
|
|
|