
How to prevent cryptocurrency hacking and theft?

There is no one-size-fits-all solution, but we will try to give tips that apply almost always. The specific architecture should be planned around your own needs and risks. This article can also be used as a checklist.

Recommendations for storing cryptocurrencies and tokens

Don’t keep all your eggs in one basket! Split up your funds, and keep the ones you don’t plan to use in the near future in a cold wallet. If necessary, there can be several cold wallets. For example, part of the funds in a hardware wallet, part in a multisignature wallet, part as a private key in an encrypted container with a strong password. In case of real danger, you can even give up one or two of them.

Separate computers for crypto. If you work with crypto-assets worth many times more than the hardware used to store them, allocate separate computers that are not used for anything else. Web surfing, games and editing documents sent to you belong on another computer.

Nothing unnecessary.
There should be no extraneous software on the wallet computers, let alone a cracked Windows from C001_][aker. Use only distributions verified against the vendor.

Fault tolerance. The biggest problem for fault tolerance is hard drive failure. Other parts of the computer are usually replaced quickly and without consequences. For hard drives, fault tolerance is easiest to achieve with a mirrored RAID array. Roughly speaking, you install two hard drives, write and read operations go to both in parallel, and the system sees them as one drive. The extra cost is one hard drive; even the RAID controller built into the motherboard can be used. The probability of both drives failing at once is extremely low, and if one fails, you insert a new one in its place and keep working. Some RAID controllers can even do this on the fly without shutting down the system.

Backup. Be prepared for the fact that even the most fault-tolerant system may become unavailable. Fire, thieves, special services, or simply a cat peeing into the power supply and burning out all the boards and hard drives, it does not matter. It can happen. You should have up-to-date backups of all wallets. They must be encrypted and sent to several places at once: the cloud, email, a flash drive in a safe, an archive on a smartphone, etc. Choose a few options, or better yet devise your own, and use them. Make a backup schedule and stick to it. From time to time, download a backup and make sure it is up to date, that you remember all your passwords, and that you are able to retrieve the information from it.

Encryption and passwords. Accept as a fact that your computer, phone, flash drive, or access to your mailbox and other services can fall into the hands of intruders. Even then, the attacker must not gain access to the wallets. If all your devices are securely encrypted and your passwords are nothing like Qwerty123, then at the very least you win time to transfer assets to other wallets, and at best the seized devices and accounts are useless to the attacker. So use encryption wherever possible, including on system partitions, smartphones, archives and backups. Set passwords to boot and unlock your smartphone. On computers, there should be no accounts without strong passwords. On web services, use two-factor authentication wherever possible. Set strong and different passwords for all services and devices, and preferably change them at regular intervals.

Updates. Pay special attention to software updates. Malicious actors often exploit errors in the update mechanism, or disguise the download of malware as an update. This has already happened with some cryptocurrency wallets, for example Electrum, where an update message was displayed but a Trojan was downloaded. A simpler variant is a window on a web page that supposedly asks you to update your browser. Sometimes it opens in a new popup window and copies the interface details of the real update window as closely as possible. Clearly, if the user agrees, the Trojan is downloaded. So take updates only from official sites, and preferably verify them as well.

Don’t leave things unattended. Everyone understands this for flash drives or smartphones without a password. But in some cases even a laptop can be hacked simply by plugging a device that looks like a flash drive into a USB port. In reality it is a hardware HID keyboard emulator carrying a set of exploits. So in a Windows environment, after setting up all your devices, it is recommended to disable automatic installation of drivers and devices by enabling the “Disable installation of devices not covered by other policy settings” policy.

What do I do if a hack has already been detected?

– Disconnect the attacked computer from the network and check what has been stolen and what has not.

– Transfer the remaining cryptocurrency and tokens to other wallets, creating them on a clean computer if necessary. To speed things up, you can create temporary addresses in the best-known web wallets.

– Track where your coins have gone, possibly through exchangers or online wallets. If so, urgently write to their support about the incident with the addresses, transaction hashes and other details. If possible, call after sending the letter to stress the urgency of the situation.

– Change all passwords from a clean computer, even those not directly related to the wallets. The infected computer most likely had a keylogger that recorded everything typed. Change passwords in at least two stages: first to temporary ones, then to new permanent ones. Passwords must be strong: long enough and not based on dictionary words.

– Back up all relevant information from computers, smartphones and tablets that you don’t want to lose. Executable files and other files that could be infected should not be included in the backup. Encrypt the backup. Make multiple copies in geographically dispersed locations.

– Wipe all flash drives and hard drives, reset your smartphone to factory defaults, and reconfigure everything. If you plan to keep working with very important information, or with amounts many times greater than the cost of the equipment, ideally replace all the hardware, since some kinds of Trojans can write themselves into the service areas of hard drives, where even formatting does not remove them, or modify the BIOS on the motherboard.

General security advice

Phishing. The most frequently attacked sites are exchanges, online wallets and popular exchangers.

The leaders are myetherwallet.com, blockchain.com and localbitcoins.com. Most often the scammers register a domain similar to the one being attacked, upload a harmless website or forum there, and buy search-engine advertising for it. As soon as the ads pass moderation, the site is switched to a clone of the attacked site. It is not uncommon for a DDoS against the real site to start at the same time. The user can’t reach the site, types its name into a search engine, clicks the first result without noticing that it is an advertisement, and lands on a fraudulent site that looks like the real one. He enters his username and password, and the money in his account flows to the fraudsters. Often not even two-factor authentication, PIN codes and the like help, because the user enters all of this himself. Say, when logging in he enters a code; the system says the code is wrong, enter it again; he enters a second code. In reality the first code was used to log in, and the second code was used to confirm the withdrawal.

Another example is delayed attacks. You open a site you were sent that looks legitimate and leave the tab open. After some time with no activity on the page, its content is replaced with a phishing page that asks you to sign in. Users tend to trust previously opened tabs more than new ones, and may enter their data without checking.

In some cases phishing is also carried out through specially prepared public networks: you connect to a public Wi-Fi network whose DNS returns wrong addresses for domain queries, or where all unencrypted traffic is collected and analyzed for sensitive data.

To avoid getting caught, stay alert and use additional checks and a more secure channel, both of which are discussed below.

More checks. For the most visited and important sites, record a few indirect parameters on a secure computer. For example, the certificate issuer and its expiry date, the Alexa rank, or approximate traffic according to Similarweb. You can add parameters of your own. Then keep track of them when visiting the sites. For example, if the certificate suddenly changed long before the old one was due to expire, that is a reason to be alert and check the site further. Or, for example, if bitfinex.com previously showed around 7 thousand in the Alexa rank and suddenly shows 8 million, that is a clear sign that you are on a fraudulent site. The same goes for Similarweb scores, the CDN used, the domain registrar, the hoster, etc.
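One way to automate the comparison described above, as an added example and not code from the article: a baseline of certificate fingerprint, issuer, expiry date and traffic rank is recorded for each important site, and later observations are diffed against it. The domain, fingerprints and CA names are constructed placeholders; the rank figures are the article’s own.

```python
import hashlib
import socket
import ssl
from datetime import datetime, timezone

# Constructed baseline for a placeholder domain (not real data): the indirect
# parameters recorded on a trusted computer while the site was known to be genuine.
BASELINE = {
    "exchange.example": {
        "issuer": "Example Trust CA",
        "not_after": "2019-12-01T00:00:00+00:00",
        "sha256": "aa" * 32,   # certificate fingerprint, constructed
        "alexa_rank": 7_000,   # the article's own example figure
    }
}

def fetch_live(host, port=443, timeout=5.0):
    """Collect the same parameters from a live site (needs network, so the
    offline demo below does not call it). The traffic rank is looked up separately."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            cert = tls.getpeercert()
    issuer = dict(rdn[0] for rdn in cert["issuer"]).get("organizationName", "")
    expiry = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]),
                                    tz=timezone.utc)
    return {"issuer": issuer, "not_after": expiry.isoformat(),
            "sha256": hashlib.sha256(der).hexdigest(), "alexa_rank": None}

def compare(host, observed, now_iso, early_days=30, rank_factor=10):
    """Return the list of deviations from the baseline (empty if all is well),
    or None if the host was never recorded. `now_iso` is the time of the check."""
    base = BASELINE.get(host)
    if base is None:
        return None
    now = datetime.fromisoformat(now_iso)
    warnings = []
    if observed["sha256"] != base["sha256"]:
        days_left = (datetime.fromisoformat(base["not_after"]) - now).days
        if days_left > early_days:   # replaced long before the old one expired
            warnings.append(f"certificate replaced {days_left} days before expiry")
        if observed["issuer"] != base["issuer"]:
            warnings.append(f"issuer changed: {base['issuer']!r} -> {observed['issuer']!r}")
    rank = observed.get("alexa_rank")
    if rank is not None and rank > base["alexa_rank"] * rank_factor:
        warnings.append(f"traffic rank fell from {base['alexa_rank']} to {rank}")
    return warnings

# Constructed observation of a look-alike: a fresh certificate from another CA
# and almost no traffic, seen months before the genuine certificate expires.
SUSPICIOUS = {"issuer": "Other CA", "not_after": "2019-09-01T00:00:00+00:00",
              "sha256": "bb" * 32, "alexa_rank": 8_000_000}

if __name__ == "__main__":
    for warning in compare("exchange.example", SUSPICIOUS, "2019-06-01T00:00:00+00:00"):
        print("WARNING:", warning)
```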

Passwords. Don’t use weak passwords. It’s best to memorize your most important passwords without writing them down anywhere. However, since it is better to have different passwords for every service and wallet, some of them will have to be stored. Never store them in the clear. Specialized programs such as KeePass are much better than a text file: at least the passwords are stored encrypted, and the data is automatically cleared from the clipboard after use. Make up some security rules of your own, for example, add three random characters to the beginning of every stored password and delete them after pasting. Don’t share your ways of storing passwords; invent your own. Then even if the password store is compromised, there is a chance the intruder will not be able to use it.

Secure channel. To work more securely from public networks, it makes sense to set up your own VPN server. For this you can rent a virtual machine from one of the hosters abroad; the location is up to you. The average cost of a virtual machine is $3-$7 a month, which is not much for noticeably more secure network access. Install your own VPN server and route all traffic from mobile devices and computers through it. Up to the VPN server, all traffic is additionally encrypted, so nobody can poison your DNS or extract data from your traffic by placing a sniffer in its path.

Windows/Linux/Mac OS? The best operating system is the one you can configure most competently and work with most securely. A well-configured Windows is better than a poorly configured Linux. Security problems are found in all operating systems, and they must be patched in time. However, most malware is written for Windows, and Windows users most often run with administrator privileges, so when probing a system, scammers try Windows exploits first. So, all other things being equal, it makes sense to choose a less common and more security-oriented operating system, such as one of the Linux distributions.

User rights. Give a user exactly as many rights as are needed to perform the tasks. Don’t work under a user with administrative privileges. Moreover, restricted user rights can be used to further protect your wallet. For example, have two accounts: the first has access to the wallet, but cannot log on either locally or over the network; the second can log on, but has no access to the wallet. To work with the wallet from the second account, you additionally run it using the Runas command, as in this example.

Antivirus. Should you install antivirus or not? If your computer is connected to the network, is used for any tasks besides storing cryptocurrency, and flash drives can be connected or malware otherwise loaded onto it, we recommend using antivirus. If the computer is configured purely as a wallet, all security settings are at maximum, and there is no extraneous software on it and no way to download any, it is better to do without antivirus. There is a small chance that the antivirus will send the wallet to the vendor as a suspicious file, for example, or that a vulnerability will be found in the antivirus itself. Although this is very unlikely, there have been such cases before, so we should not rule them out entirely.

If you do have antivirus, keep its databases up to date, don’t delete or “flush” malware detections, pay close attention to every alert, and perform a full system scan periodically.

Consider whether it’s a good idea to install antivirus on your smartphones and tablets.

Sandboxes.
Set up a virtual machine of your own for viewing files that are sent to you. There is always a risk of receiving a document with a 0-day exploit that antivirus does not yet detect. Virtual machines have the advantage of working quickly with snapshots: you take a snapshot of the system, open the suspicious files in it, and when you are done, roll the virtual machine back to the state before you opened them. At a minimum, this is needed so that you can safely work with other data afterwards.

Verify addresses. When transferring payment details to a secure computer, visually double-check the address and amount immediately before sending. Some Trojans replace cryptocurrency wallet addresses in the clipboard with their own: you copy one address, and a different one is pasted.
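A pre-send check along these lines, as an added example and not code from the article: the pasted Bitcoin address is validated against its Base58Check checksum (catches typos and truncation) and then compared byte-for-byte with a vetted address book (catches a clipboard substitution, which a valid-looking address would otherwise pass). The address book and the amounts are constructed; the sample address is the well-known genesis coinbase address.

```python
import hashlib

# Base58 alphabet used by Bitcoin addresses (no 0, O, I, l).
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58check_decode(addr):
    """Decode a Base58Check string; return the 21-byte payload (version + hash160)
    or None if the alphabet, length or checksum is wrong."""
    n = 0
    for ch in addr:
        idx = ALPHABET.find(ch)
        if idx < 0:
            return None
        n = n * 58 + idx
    leading_zeros = len(addr) - len(addr.lstrip("1"))   # each leading '1' is a 0x00 byte
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    raw = b"\x00" * leading_zeros + body
    if len(raw) != 25:
        return None
    payload, checksum = raw[:-4], raw[-4:]
    if hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] != checksum:
        return None
    return payload

# Constructed address book: destinations confirmed out-of-band on a clean
# machine. The sample entry is the Bitcoin genesis coinbase address.
ADDRESS_BOOK = {"exchange deposit": "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"}

def verify_before_send(pasted, label, amount, expected_amount):
    """Return a list of reasons not to sign; empty list means the pasted
    destination and amount match what was agreed on the secure computer."""
    problems = []
    if b58check_decode(pasted) is None:
        problems.append("address fails Base58Check (typo or corrupted)")
    expected = ADDRESS_BOOK.get(label)
    if expected is None:
        problems.append(f"no vetted address for {label!r}")
    elif pasted != expected:
        problems.append("pasted address differs from address book: possible clipboard hijack")
    if amount != expected_amount:
        problems.append(f"amount {amount} differs from agreed {expected_amount}")
    return problems

if __name__ == "__main__":
    # Constructed scenario: the clipboard came back with a different address.
    hijacked = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNb"
    for problem in verify_before_send(hijacked, "exchange deposit", 0.5, 0.5):
        print("STOP:", problem)
```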

Environment. Keep in mind that the initial attack may be carried out not on you, but on your employees or your loved ones. Once inside the trusted zone, it is easier for malware to reach your assets.

Communication. Treat anything said in telephone conversations or correspondence as if it is definitely being read or listened to and recorded by outsiders. So no sensitive data in plain text.

Better safe than sorry. If you suspect that any wallets may have been compromised, create new wallets and transfer all funds from the suspicious ones.

Give away less sensitive information. If a presenter at a conference asks for a show of hands from those who own cryptocurrency, don’t raise yours: you don’t know everyone in the room, and making a list of potential victims is the first step you could help an attacker take. Or, for example, there was a case where a cryptocurrency owner took the security of his storage quite seriously. But the intruders found out that he was selling a plot of land. They contacted him posing as a buyer. In the course of conversations and exchanges of documents, the attackers managed to plant a Trojan on the victim’s computer and monitor his work for some time. That was enough to understand how the funds were kept and to steal them. The victim’s vigilance when selling the plot was clearly lower than when dealing with crypto-assets, and this played into the hands of the perpetrators.

Examples of architecture for storing cryptoassets

1. Storage of small amounts with quick access is required

Set up an account with an online wallet.

Back up the private keys, encrypt them, and send them to a couple of places.

Make sure we also have access from the smartphone.

As a result, we have instant access to crypto-assets almost always. Keep in mind that such a wallet should not contain amounts whose loss would be tangible.

2. Storage of varying amounts with constant access is required

We use an online wallet for constant access to a small amount, as in the first case.

Given the requirement for constant access, the cold wallet would have to be online. For this it is recommended to build a separate server with a RAID 1 array, encrypt the array, and install a wallet on it. Place the computer in colocation in a data center; the contract is better not in your own name, but in the name of a friend. Back up the keys from both wallets, separately back up the server access credentials, encrypt everything and send it to a dozen different places.

Get a separate laptop or all-in-one PC (to save money) to access the server over an encrypted channel. Encrypt the laptop drive. This laptop should not be used for anything else.

As a result, we have constant access through the web wallet and the ability to top it up from cold storage. The one-time expenses are approximately $500 for a laptop or all-in-one, $700 for a server (a used one will do), and $50 for colocation. If you are going to keep crypto-assets worth tens or hundreds of thousands of dollars, this is economically justified. In normal operation, the addresses and amounts to be paid are taken from a shared document on the all-in-one; the server is then reached over an encrypted remote-access channel, and the payment is made there. If the all-in-one or the server is physically stolen, the attackers will not gain access to the wallets because of the encrypted partitions. If you need urgent access to the cold wallet from an unfamiliar location, you can buy a new laptop there, download the access backup, and deploy access to the cold wallet server on it.

3. In addition to prompt access, significant amounts need to be stored

In addition to the web wallet and the server from the first and second cases, we have a few more wallets. These can be hardware wallets, separate laptops for certain types of assets, etc. The biggest cold wallet will be offline: in a bank vault, a depository, your own cave, or some other safe place. For it we prepare a computer without hard drives that boots from a CD. Not from a flash drive, because a flash drive is writable. On the disk we burn in advance a bootable Linux live CD, a utility for signing transactions, and an encrypted private key. Make backups of all wallets and keys, make multi-level encrypted backups, and distribute copies of them to different geographically dispersed locations and different types of storage media.

The bottom line is that we have constant access from multiple wallets. If you smell trouble, one or two of them can be surrendered without giving away information about the main store. If you need to transfer from the cold wallet, go to a safe location, boot from the live CD, decrypt the key, and sign the transaction offline. Then carry the signed transaction to a computer with access to the global network and broadcast it.

Conclusion

Keep in mind that all of the above security tips help against the average attacker. If you are physically kidnapped and thermorectal cryptanalysis is applied, you will give up all the addresses and passwords yourself. Likewise, if you are hunted by special services with the appropriate training, servers may be seized with the RAM frozen to extract keys, or you may be physically seized while working with an open channel to the wallet. But if you follow the safety rules, do not break the law, and no one knows about you, the probability of encountering such problems tends to zero. So choose protection methods appropriate to your risk level.

Don’t put off security if you can do it now. Later may be too late. Remember that a fire is easier to prevent than to put out.

History of hacking from  Sergey Simanovsky