New crypto users, a few tips to avoid losing your hard earned coins

[Bitsaurus]

Hey ladies and gents. I’ve been off the boards for a long time but I’ve still been mining. My friend just made a couple of errors with some crypto she had despite me verbally explaining things to her before, so I thought I would write some general guidelines for all those new to using cryptocurrency. This is general advice and applies more or less to every single cryptocurrency out there including Bitcoin, Ethereum, Litecoin and so forth.

•   Whenever possible, try to be the only person who has access to your private keys (ie own your private keys). Having a public address is like knowing the shipping address for Amazon, you know there’s a lot of money there but you don’t have the keys to enter the building. The private keys are the access to your coins, if you give out that information anywhere on the internet your coins are as good as gone.
•   As private keys are the things that control access to your money, only you should control your coins. Don’t leave them on an exchange unless actively trading. It’s very unlikely that even a lawsuit will be able to recoup the value of lost/stolen coins.
•   Going back to the idea that your private keys are the keys to unlocking your coins, make sure they are backup up somewhere. Many people think their coins are actually located inside the wallet.dat file that many conventional wallets use – but the wallet.dat file just keeps the private keys. Sometimes you can encrypt the file with a password, but it is still better to keep a backup copy as you would with childhood pictures or any other important document. There are numerous threads on the forums showing a variety of ways to keep backups – everything from printing out a single copy which you keep in a safe to super paranoid distribution of encrypted files spread around the world.
•   Since most hackers know that private keys are the key (pardon the pun) to getting access to your coins, they will often employ keyloggers and other malware to learn what passwords you enter. Some malware even log clipboard content and take screenshots intermittently so even using onscreen keyboards and password managers might not be safe. The most prudent course of action is just avoid clicking any link you’re not sure is 100% safe. If you can afford it, it’s wise to dedicate a separate machine for handling your wallet synchronizations that doesn’t do anything unsafe like downloading questionable torrents and surfing new websites. Alternatively, you can use a hardware wallet which essentially uses encryption hardware to shield your private keys from the PC allowing you to use your wallet on a system without worry about compromise. Notable hardware wallet companies are Trezor and Ledger and prices are generally reasonable considering the protection they provide.
•   Hardware wallets are also a good option if you like to access your wallets somewhat frequently but worried about residential theft (like if you keep your hardware wallet in a drawer right next to your PC). A hardware wallet, if fallen into the wrong hands, prevents thieves from accessing your coins as would a safe. It does not keep a backup of your private keys, however, so again make sure you can access those even if your hardware wallet is stolen (a user in the forums posted about his wallet being hidden under his bed without a backup - not a good idea when most thieves will take anything small and electronic)
•   If you do choose to buy a hardware wallet only buy from reputable sources – preferably the vendor itself. Amazon used to be a safe place to buy from but they have been mixing their inventory recently and many people are receiving Nano and Trezor wallets that have been used or at least the box was open. Understand how seeds and wallets work before dumping all your coins into one.
•   If you have any intention of sharing your coins with others in the event of injury or demise, make sure those involved know how to access the public and private keys. Making a convoluted 97 letter password is not a good idea if you’re the only one who will ever know the password.
•   Blockchain transactions are for all intents and purposes irreversible. If you send money to the wrong address or put the wrong amount you’re at the mercy of the receiver to send the balance back to you. If you send to an unknown address you might as well kiss the coins goodbye.
•   If you are making a purchase of an item or traded good on the forums, please check out the user’s Trust rating. If the value of the item is significant you should consider using an established escrow service. Spending just 0.5% of the cost of the transaction can save you from a world of headache. Remember that blockchain transactions are not reversible so sending to any party you are not familiar with before receiving an item is blindly trusting that person.
•   As Lucius notes, below, always check the destination address when you are sending coins. Some malware attacks actually alter the address when they read a crypto address has entered the clipboard, so instead of copying the address you want to send to, the malware replaces the destination address and you paste the wrong address into the sending field. Usually checking the first and last 3 or 4 digits is sufficient, but checking 12 or more digits makes it nearly impossible for somebody to have made a near clone address (simple entropic math).


If you have any further suggestions or tips please recommend them and I’ll append them to my list. Hopefully this helps a few people avoid a few mistakes.

[1715265167]

1715265167

[ranochigo]

If you can afford it, it’s wise to dedicate a separate machine for handling your wallet synchronizations that doesn’t do anything unsafe like downloading questionable torrents and surfing new websites.

It's pretty unnecessary. Hardware wallets can actually be used with infected computers and hence why they're a preferred method of storage. Its unrealistic for someone to get another computer just for Bitcoin.

A good anti virus and some prudent measures are generally enough.

•   Hardware wallets are a good option if you’re willing to spend some money and like to access your wallets somewhat frequently but worry about residential theft. A hardware wallet, if fallen into the wrong hands, prevents thieves from accessing your coins as would a safe. It does not keep a backup of your private keys, however, so again make sure you can access those even if your hardware wallet is stolen.

It isn't what it's designed for. While hardware wallets are reasonably hardened against physical attacks, they're primarily used to guard against malware and use on compromised computer. They can defend against physical attacks but it'll be way better to keep them in a safe instead.

•   If you do choose to buy a hardware wallet only buy from reputable sources – preferably the vendor itself. Amazon used to be a safe place to buy from but they have been mixing their inventory recently and many people are receiving Nano and Trezor wallets that have been used or at least the box was open. Understand how seeds and wallets work before dumping all your coins into one.

It's okay to buy from the third party if you've the technical knowhows to wipe the device completely. Border agents tends to open the package and inspect the device and it's safe as long as the seal is not broken and that your device is not opened physically.

•   If you have any intention of sharing your coins with others in the event of injury or demise, make sure those involved know how to access the public and private keys. Making a convoluted 97 letter password is not a good idea if you’re the only one who will ever know the password.

Multisig could be a possible way to store Bitcoins. Try exploring that.

Other than that it's comprehensive. Great work.

[Bitsaurus]

If you can afford it, it’s wise to dedicate a separate machine for handling your wallet synchronizations that doesn’t do anything unsafe like downloading questionable torrents and surfing new websites.

It's pretty unnecessary. Hardware wallets can actually be used with infected computers and hence why they're a preferred method of storage. Its unrealistic for someone to get another computer just for Bitcoin.

A good anti virus and some prudent measures are generally enough.

•   Hardware wallets are a good option if you’re willing to spend some money and like to access your wallets somewhat frequently but worry about residential theft. A hardware wallet, if fallen into the wrong hands, prevents thieves from accessing your coins as would a safe. It does not keep a backup of your private keys, however, so again make sure you can access those even if your hardware wallet is stolen.

It isn't what it's designed for. While hardware wallets are reasonably hardened against physical attacks, they're primarily used to guard against malware and use on compromised computer. They can defend against physical attacks but it'll be way better to keep them in a safe instead.

•   If you do choose to buy a hardware wallet only buy from reputable sources – preferably the vendor itself. Amazon used to be a safe place to buy from but they have been mixing their inventory recently and many people are receiving Nano and Trezor wallets that have been used or at least the box was open. Understand how seeds and wallets work before dumping all your coins into one.

It's okay to buy from the third party if you've the technical knowhows to wipe the device completely. Border agents tends to open the package and inspect the device and it's safe as long as the seal is not broken and that your device is not opened physically.

•   If you have any intention of sharing your coins with others in the event of injury or demise, make sure those involved know how to access the public and private keys. Making a convoluted 97 letter password is not a good idea if you’re the only one who will ever know the password.

Multisig could be a possible way to store Bitcoins. Try exploring that.

Other than that it's comprehensive. Great work.

Ahh true on that about hardware wallets being used with an infected PC. I was just coming from my own personal experience where I was helping somebody who had malware and I didn't know about it until he hooked up a Ledger Nano and the Chrome extension was installed but it was asking for a private key. I thought to myself "What the hell is this". It's highly improbably for them to acquire access but I still moved on to a safer computer.

In some parts of the world PCs are quite expensive. In the US you can get a cheap laptop on black Friday which costs as much as a Ledger Blue so I figured it's not that much of a burden financially. I guess it's more a matter of how meticulous people are with their online safety.

Multisig is good. There are a lot of nice options for storing coins now - some even handle seeds for multiple coins. Much easier than sitting on the Bitcoin core and waiting for it to sync back in 2011. I'll amend my post a bit.

[ranochigo]

In some parts of the world PCs are quite expensive. In the US you can get a cheap laptop on black Friday which costs as much as a Ledger Blue so I figured it's not that much of a burden financially. I guess it's more a matter of how meticulous people are with their online safety.

What I like to do is use a Raspberry Pi when I need something secure. It's cheap and small. I even use it as my cold storage wallet and though I can't say its as secure as a Ledger, it's a pretty safe way of storing Bitcoins for $35. Anyhow, I think using a USB disk drive as a live CD is a viable and cheap idea as well.

[Lucius]

Alternatively, you can use a hardware wallet which essentially uses encryption hardware to shield your private keys from the PC allowing you to use your wallet on a system without worry about compromise. Notable hardware wallet companies are Trezor and Ledger and prices are generally reasonable considering the protection they provide.

It is not as simple as it may seem at first, because by buying a device like this and sending a coin to it, we cannot say that we are 100% protected. While it is true that a hardware wallet protects us even on a computer infected with malicious software, the way it protects us is by forcing us to check each of our actions in the user interface and on the hardware wallet screen. Therefore, if we know that the seed should not be shared with anyone and should not be entered anywhere, the greatest attention should be paid to the clipboard malware that changes the destination address - so before click send check for address match (on UI and on HW screen).

Hardware wallets are also a good option if you like to access your wallets somewhat frequently but worried about residential theft (like if you keep your hardware wallet in a drawer right next to your PC). A hardware wallet, if fallen into the wrong hands, prevents thieves from accessing your coins as would a safe.

Partly true, because there is a known vulnerability in the Trezor wallet that allows anyone who comes into physical possession of the device to very easily extract the seed if it is not additionally protected with a passphrase (extra 25 word). Everyone should practice additional protection of the device itself by protecting their main wallet with passphrase, which will not only protect the seed (if anyone finds it), but is the only thing that can protect our coins in case of a physical attack where thieves can only access to that wallet which contains a small part of the coins.

[Bitsaurus]

Alternatively, you can use a hardware wallet which essentially uses encryption hardware to shield your private keys from the PC allowing you to use your wallet on a system without worry about compromise. Notable hardware wallet companies are Trezor and Ledger and prices are generally reasonable considering the protection they provide.

It is not as simple as it may seem at first, because by buying a device like this and sending a coin to it, we cannot say that we are 100% protected. While it is true that a hardware wallet protects us even on a computer infected with malicious software, the way it protects us is by forcing us to check each of our actions in the user interface and on the hardware wallet screen. Therefore, if we know that the seed should not be shared with anyone and should not be entered anywhere, the greatest attention should be paid to the clipboard malware that changes the destination address - so before click send check for address match (on UI and on HW screen).

Hardware wallets are also a good option if you like to access your wallets somewhat frequently but worried about residential theft (like if you keep your hardware wallet in a drawer right next to your PC). A hardware wallet, if fallen into the wrong hands, prevents thieves from accessing your coins as would a safe.

Partly true, because there is a known vulnerability in the Trezor wallet that allows anyone who comes into physical possession of the device to very easily extract the seed if it is not additionally protected with a passphrase (extra 25 word). Everyone should practice additional protection of the device itself by protecting their main wallet with passphrase, which will not only protect the seed (if anyone finds it), but is the only thing that can protect our coins in case of a physical attack where thieves can only access to that wallet which contains a small part of the coins.

Valid points. Has there been any case where a redirection malware has actually changed the destination address? This is why I do routinely check the first 6 and last 6 of each sending address. I know some of those redirection scripts are cleared out by Malwarebytes Premium but obviously if the malware is new or is relatively low availability in the wild then it probably won't get picked up on by the scanner's heuristics.

When I purchased my Ledger I heard about the Trezor vulnerability. I assume they would have changed the chip since then - perhaps they have not updated it. My Ledger requires a pin to be entered to access the device and clears the seed if it fails 3 times. Are the Trezor's still hackable with a pin/password if physical access is available?

[ranochigo]

Valid points. Has there been any case where a redirection malware has actually changed the destination address? This is why I do routinely check the first 6 and last 6 of each sending address. I know some of those redirection scripts are cleared out by Malwarebytes Premium but obviously if the malware is new or is relatively low availability in the wild then it probably won't get picked up on by the scanner's heuristics.

BIP143 (PSBT) has a known vulnerability to trick the user into signing a fraudulent PSBT by having the device constructing an error message. I think most of the HW wallet should've been patched but I'll need somone to confirm this. Other than that, I think generally it's possible to intercept the signing process and that's why HW wallet has a screen for you to check.

When I purchased my Ledger I heard about the Trezor vulnerability. I assume they would have changed the chip since then - perhaps they have not updated it. My Ledger requires a pin to be entered to access the device and clears the seed if it fails 3 times. Are the Trezor's still hackable with a pin/password if physical access is available?

They'll need to bruteforce it then. Just use a strong password but if I'm going to buy a new HW wallet, I wouldn't buy one that could potentially be hacked. A Pin/Password is a workaround, not a fix.

[Lucius]

Has there been any case where a redirection malware has actually changed the destination address?

There are countless cases where user A has sent something to user B, and for some reason the coins ended up with user C (who in this case is a hacker with clipboard malware). If something like this happens we can be pretty sure it's clipboard malware, but most victims don't want to check what actually happened but follow the advice to format the disk and start with clean OS.

It should be noted that clipboard malware can hit the user of any crypto wallet, so it is an advantage to use a hardware wallet that will always ask us to confirm if the address matches. Of course, it is a good and desirable practice to always check several times if necessary, especially if we send large amounts.

When I purchased my Ledger I heard about the Trezor vulnerability. I assume they would have changed the chip since then - perhaps they have not updated it. My Ledger requires a pin to be entered to access the device and clears the seed if it fails 3 times. Are the Trezor's still hackable with a pin/password if physical access is available?

Trezor vulnerabilities cannot be literally fixed with new firmware, because the problem is in the hardware itself - which means that all existing devices that use current hardware will always be vulnerable. When and if the Trezor makes a completely new model, we can expect that it will not be exposed to that vulnerability.

As for PIN protection, Kraken has demonstrated that it is possible to create a script that will brute force a PIN consisting of 4 numbers in about 2 minutes.Therefore, one should not rely on PIN as protection because if someone has physical access to a hardware wallet and enough technical knowledge, it is only a matter of time before they will be able to extract the seed.

Additionally, because the Trezor firmware utilizes an encrypted storage, we developed a script to crack the PIN of the dumped device, leading to a full compromise of the security of the Trezor wallets. The script was able to brute force any 4-digit pin in under 2 minutes. This attack demonstrates that the STM32-family of Cortex-M3/Cortex-M4 microcontrollers should not be used for storage of sensitive data such as cryptographic seeds even if these are stored in encrypted form.

[Bitsaurus]

Has there been any case where a redirection malware has actually changed the destination address?

There are countless cases where user A has sent something to user B, and for some reason the coins ended up with user C (who in this case is a hacker with clipboard malware). If something like this happens we can be pretty sure it's clipboard malware, but most victims don't want to check what actually happened but follow the advice to format the disk and start with clean OS.

It should be noted that clipboard malware can hit the user of any crypto wallet, so it is an advantage to use a hardware wallet that will always ask us to confirm if the address matches. Of course, it is a good and desirable practice to always check several times if necessary, especially if we send large amounts.

When I purchased my Ledger I heard about the Trezor vulnerability. I assume they would have changed the chip since then - perhaps they have not updated it. My Ledger requires a pin to be entered to access the device and clears the seed if it fails 3 times. Are the Trezor's still hackable with a pin/password if physical access is available?

Trezor vulnerabilities cannot be literally fixed with new firmware, because the problem is in the hardware itself - which means that all existing devices that use current hardware will always be vulnerable. When and if the Trezor makes a completely new model, we can expect that it will not be exposed to that vulnerability.

As for PIN protection, Kraken has demonstrated that it is possible to create a script that will brute force a PIN consisting of 4 numbers in about 2 minutes.Therefore, one should not rely on PIN as protection because if someone has physical access to a hardware wallet and enough technical knowledge, it is only a matter of time before they will be able to extract the seed.

Additionally, because the Trezor firmware utilizes an encrypted storage, we developed a script to crack the PIN of the dumped device, leading to a full compromise of the security of the Trezor wallets. The script was able to brute force any 4-digit pin in under 2 minutes. This attack demonstrates that the STM32-family of Cortex-M3/Cortex-M4 microcontrollers should not be used for storage of sensitive data such as cryptographic seeds even if these are stored in encrypted form.

Thanks for the info. So I guess redirect malware must be prevalent enough that there have been enough documented cases. I figured a lot of them would be failures to copy/paste properly like having a previously copied address in the clipboard instead of the one you want to send to but after searching the forums it seems somewhat common.

I understood the Trezor failure was hardware related. I assumed they would have released a newer chip by now that fixes the problem but I guess that isn't the case. Yeah if's a hardware level failure firmware usually can't shore up the problem like Specter and Meltdown issues with CPUs (relying on the OS to intercept those vulnerabilities).

I'll stick with my Ledger. Obviously a 4 digit pin can be bruteforced quite quickly. My Ledger says the device will wipe itself on 3 failed attempts of pin entry - so hopefully nobody has found a workaround for the Ledger Blue. I am assuming Trezor doesn't behave in this manner.

[skarais]

•   Whenever possible, try to be the only person who has access to your private keys (ie own your private keys)

I just want to comment a little on the first point because i think they also need to think a little about wills because this is also important and will have a big impact after the main owner dies unless they just want to enjoy it themselves without having to tell anyone including their families.

The Private Key should only be given to one very trustworthy person as a will if we have a large amount of valuable bitcoin or altcoin. But there is no need to tell them about the amount and price of asset in the wallet to prevent unwanted thing. I'm sure long-term bitcoin holder may have thought about this so that if they died their family could use their bitcoin.

[Lucius]

Thanks for the info. So I guess redirect malware must be prevalent enough that there have been enough documented cases.

I personally have never encountered clipboard malware, but let’s just say I’ve always been cautious when it comes to online security, and that I’ve become even more cautious when I’ve become interested in crypto. Such malware usually comes to a user's computer by downloading a seemingly harmless file, and if the user has no protection (AV/Antimalware) they will not even be aware that it is infected - although even such protection does not guarantee 100% security.

I'll stick with my Ledger. Obviously a 4 digit pin can be bruteforced quite quickly. My Ledger says the device will wipe itself on 3 failed attempts of pin entry - so hopefully nobody has found a workaround for the Ledger Blue. I am assuming Trezor doesn't behave in this manner.

It’s not just a matter of a PIN, but a way for someone to get a chance to bypass the protection that protects that PIN from brute force. We are not talking here about someone entering a PIN via HW itself which will result in a reset after x/xx times. Ledger is safe for now because they have successfully patched everything that was found and marked as vulnerable, and for safety we can thank theirs Secure Element.