In today’s increasingly online world, the possibility of being hacked is an uncomfortable reality for almost everyone. It’s even happened to some of us. Those of us lucky enough to have avoided it, though, have heard of it happening to others. And if many people are hesitant to adopt cryptocurrency, the threat of hacking may be a primary deterrent.
Being aware of and vigilant against hacking is part of being in the cryptocurrency space. In addition to hackers targeting individuals, there have been a number of major hacks that have affected larger targets like exchanges and projects, too. Accordingly, it is considered mandatory by many experts for cryptocurrency beginners to learn about things like cybersecurity, seed phrases, and wallets.
This article will cover the basics of protecting yourself against hacking when dealing with cryptocurrency. First, however, we’ll build a foundation of knowledge about hacking in cryptocurrency that will serve to provide context and deepen your understanding.
What is Hacking in Cryptocurrency?
Hacking, in general, is the unauthorized access of a device, computer, or system. Hacking in cryptocurrency, specifically, refers to the unauthorized access of cryptocurrency wallets, accounts, exchanges, projects, and devices or systems for the purposes of accessing the aforementioned things.
Why is it So Common?
Before we continue, it should be mentioned that if you are seriously interested in buying cryptocurrency or getting into the space, you shouldn’t let the possibility of being hacked stop you. While hacking is quite common in the cryptocurrency space, as long as you take intelligent steps to protect yourself, you will more than likely be safe from it.
That said, however, cryptocurrency is an environment that seems almost custom-made for hackers. But why?
- Cryptocurrency is inherently online. Other than cryptocurrency sitting in offline (aka cold) wallets, the entirety of the space exists online.
- There is a huge amount of money in the crypto space. When they hack for money, hackers choose their targets based on potential profits. Considering the fact that there are trillions of dollars in the crypto space, it shouldn’t come as a surprise that hackers love crypto.
- Crypto is still relatively new and difficult for beginners. Of all the factors that make cryptocurrency a prime target for hackers, this may be the most important. Every new technology has its own learning curve; crypto’s learning curve may be particularly steep. Many new users and investors of cryptocurrency are especially good targets for hacking because they’re essentially naive about best practices and cybersecurity.
What are the Most Common Types of Hacks in Cryptocurrency?
Before we get into the basics of how to protect yourself against hacking, it will help to understand the different types of hacks that you’re protecting against. In addition to providing context so that you understand why you’re taking precautionary measures, knowing about the different types of hacks out there will help you stay on your toes should you encounter likely hack attempts.
When we talk about hacks that target individuals, phishing attacks are likely the most common. Phishing occurs when cybercriminals attempt to:
- Trick you into divulging information that will help them gain access to allowing their access to your devices/accounts..
- Convince you to click malicious links or download malicious software that grants them direct access to your devices/accounts.
Phishing has been around for a long time – well before the beginning of cryptocurrency. Cryptocurrency has simply provided another realm in which hackers can attempt and execute their phishing attacks.
So far, we’ve discussed phishing in a general way. Let’s get more specific now and talk about some practical examples of phishing attacks that are carried out on a daily basis:
- The Fake Crypto Giveaway: This scam/hack has become extremely popular. The perpetrators of the fake crypto giveaway post announcements in places they know crypto enthusiasts will be looking, like crypto-based YouTube channels, crypto-based Discord servers, etc. The announcement is either general, to a group of people, or targeted towards specific people. In many cases, a link is provided where you need to make an account to claim your free crypto.
Of course, the link is malicious. Sometimes, the perpetrators ask you to make an account, hoping that you’ll give up passwords and security details you use for other accounts. In other cases, the link may even download malicious software directly to your computer.
- The Fraud Phone Call/Email: This type of phishing attack has been commonly used over the years to trick people into providing their online banking details. However, it can also be used by hackers to fraudulently access cryptocurrency exchange accounts. It works like this:
The cybercriminal learns that you have an account on an exchange, like CoinBase for example. The criminal then either calls you and acts as if they’re a member of the CoinBase team or sends you a fake “official” email from the CoinBase team. In either case, they will ask you for security details or ask for your permission to access your computer directly.
Exchange hacks are an interesting bridge between the larger hacks and the smaller hacks that target individuals. When hackers attack exchanges, they’re going for the big score. They search for and exploit some type of vulnerability in an entire cryptocurrency exchange in the hopes of making off with hundreds of millions of dollars in crypto. And they’ve succeeded in the past.
While the direct victim of these exchange hacks are the crypto exchanges themselves, these huge hacks often result in the hacked exchanges’ customers suffering losses. It’s an unfortunate reality, but it has happened many times. In fact, some sources report that at least 46 different crypto exchanges have been hacked to date. Many of these resulted in consequences for individuals who trusted the exchanges to hold their cryptocurrency/private keys.
This looming threat that any exchange may be hacked is one of the primary reasons that you might hear the advice, “Never keep your cryptocurrency on an exchange.” We’ll cover that in more depth later.
Malware deployment happens when hackers create malware specifically for the purpose of infecting your devices and then gaining access to your accounts. This practice was discussed a bit in the Phishing section, but it is so common and malicious that it deserves its own section, as well.
There are a number of different types of malware that can be used to hack your devices and accounts. Some of the especially serious types of malware actually allow hackers entire control of your device. Other types are more hidden but just as dangerous, like keyloggers.
Once downloaded to your device, keyloggers create records of every single keystroke you make and periodically send those records to the cybercriminal attempting to hack you. The criminal’s hope is that you’ll access your crypto accounts, typing all of the information they need to access your accounts, themselves.
How to Protect Yourself from Crypto Hacks
As you read through the most common types of hacks in cryptocurrency, you probably came up with a few ways you can protect yourself from them, specifically. This is the benefit of greater awareness of the different types of hacks out there.
This section will reinforce some of the best practices you might have guessed while also providing entirely new tips and tricks you can utilize to make yourself as resistant to hacking as possible.
- “If something seems too good to be true, it probably is.” The first way to protect yourself from hacks – and many scams, too – is to understand that their victims’ greed is cybercriminals’ best weapon. Many hacks and scams utilize tempting offers, like “free” crypto and high APY. The better the offer seems, the more wary and discerning you should be.
- Protect your passwords and other security information. In the Phishing section, we mentioned that hackers will sometimes fraudulently claim that they are employees of companies you do business with. Real employees of legitimate companies will never ask for your password or other private information.
Another part of protecting your passwords is never using the same password/username combination more than once. When you use the same password for many different accounts and one account is hacked, all of your other accounts are at risk, too. Accordingly, you need to mix up your passwords and never give them up to anyone.
- Do not keep crypto on exchanges. The general rule is that the only funds (crypto or fiat) you should keep on exchanges are funds that you’re actively trading with. When you plan on holding onto crypto for a while – and especially when larger amounts are involved – it’s considered “best practice” to move your crypto off of exchanges. Where? See the next point.
- Use cold wallets. It’s generally believed that the absolute best way to store cryptocurrency is with cold (aka offline) wallets. Cold wallets are far less vulnerable to hacking and phishing. Paper wallets and hardware wallets are good options for cold storage.
Other habits, like periodically running anti-virus software, for example, will also help protect you against hacking. The four points above, however, are far and away the best methods to protect you from cyber-attacks.
The more you know and the more careful you are, the more protected you’ll be.