The surge in popularity of digital assets has since caused an increase in scammers, with many people falling victim and losing millions of dollars worth of investments. For those holding investments in a DeFi wallet, it’s natural for you to wonder whether your assets are safe.
DeFi wallets can be hacked, and it accounts for 76% of major incidents in 2021. Hackers are looking for weaknesses in the code of the DeFi network to drain accounts of all their assets. Investors should research future projects before committing.
This article will discuss some of the most common ways DeFi wallets are hacked to ensure that you’re prepared. I’ll also share with you my top tips to avoid being scammed.
How Hackers Are Exploiting DeFi Wallets
There are several techniques that hackers use to access your DeFi wallet, and these include:
Hackers Add Malware to Operating Systems
Scammers are using malware to target commonly used operating systems like Mac to access information on the victim’s DeFi wallet. They use viruses from this malware to detect and copy data on the victim’s DeFi wallets. They’re taking this information and exchanging the details for an account belonging to them, allowing them to drain the account of its assets.
The malware used has existed for several years and has progressively become more sophisticated. In the early days, it may have tricked victims into downloading software which has now been replaced with another technique of encouraging victims to access a malicious website.
Hackers Use Phishing Attacks
Phishing is a popular information stealing technique where hackers will create a duplicate website that impersonates a genuine crypto platform.
Scammers will create a website to look identical to the original platform down to the tiniest detail. A common trick is to make the domain name as close to the original as possible. For example, their website is Coinbase.co instead of the original Coinbase.com.
Due to the similarity of the websites, targets don’t see any difference and are more than willing to share their DeFi wallet login details as they assume they’re accessing a trusted site. Unfortunately for them, this isn’t the case, and their details are then used to access their account.
Hackers Target Two-Factor Authentication Messages
Two-factor authentication via SMS is one of today’s most popular online security features. As a result, hackers have developed a way of intercepting SMS verification messages to ensure that they can hack into victims’ accounts.
For hackers to intercept verification messages, they must first arrange for the ownership of the victim’s SIM to be transferred to them. This involves contacting the network provider of the SIM and successfully impersonating the victim.
Once the SIM ownership has been transferred to the hacker, it’s possible to obtain access to the victim’s DeFi wallet.
Hackers Exchange Genuine Hardware Wallets With Fake Ones
This technique involves hackers convincing their victims that their hardware wallet is at risk of being hacked and needs to be exchanged. The victim receives the exchanged wallet and is encouraged to plug it into their computer.
Once the device is plugged into their computer, it’ll prompt the victim to input their login credentials. The device will send these details to the hacker, who can access the victim’s account and drain any funds.
How To Prevent Your DeFi Wallet From Being Hacked
Hackers can use various methods to access the funds in your DeFi wallet. The good news is that there are plenty of ways to prevent this from happening to you, and I’ve listed my top tips below.
Save Your Private Keys on a Hardware Wallet
Your private key is what you use to open your DeFi wallet. If you save the wallet on your computer, your private key will be saved too. As we learned earlier, there are plenty of ways hackers can access this information if it’s saved on your device.
Saving your private key on a hardware wallet is a step toward protecting your digital assets. The hardware wallet separates your key from any online device, creating an added barrier between your information and the hacker.
Having a hardware wallet doesn’t mitigate all risks from hackers, as we’ve learned earlier; however, combined with my next tip, it’ll significantly decrease the likelihood.
Stay on Top of New Scams in the Crypto Community
Users with substantial investments should be keeping on top of the latest scams and security hacks that are stinging investors. In situations like this, knowledge is most definitely power.
It can be hard to keep up when scammers are becoming more sophisticated, and new techniques are being developed. Having access to crypto communities and forums is one of the best ways to stay ahead of hackers. With the rising popularity in the markets, these communities are growing larger by the day and are full of valuable tips and tricks and shared experiences to look out for.
One of the advantages of being part of a decentralized wallet is that if it’s hacked, the community will know about it and will start to resolve the situation as soon as it has happened. This gives them a headstart in trying to source the stolen funds a lot quicker than if it were a larger custodial.
Research the Blockchain Before Investing in a New Project
One of the significant advantages of a blockchain is that the information is easily accessed. Before investing in a new project, I recommend using a block explorer to check the distribution of tokens between each investor.
According to the Business of Business, you’d consider it a red flag if 50% of project tokens belong to one or two wallets.
There are a variety of block explorers out there for different cryptocurrencies, so it’s highly recommended to research what’ll suit you best. For those using Ethereum, Etherscan appears to be one of the more popular ones to use.
Change Up Your Passwords
If you’ve been using the same password for your cryptocurrency wallet as your email, social media, and other online accounts, it would be best to change this.
I recommend using a password manager such as LastPass, 1Password, or KeePass to keep track of your passwords and generate strong passwords for each account.
Use Two-Factor Authentication (2FA)
For those using an exchange that supports 2FA, I highly recommend enabling this option as soon as possible. If one of these exchanges gets hacked, it’ll be a lot harder for them to access your account information.
Once you’ve enabled 2FA, use a Yubikey or Google Authenticator app to authorize withdrawals from your account. As mentioned earlier, it’s becoming easier to intercept 2FA verification messages via SMS, so setting this up and sending the verification message to your email address will decrease the likelihood of a hacker accessing this information.
If you’d like to find out more about preventing your DeFi wallet from being hacked, check out this video from Finematics:
DeFi wallets are one of the most common targets to hackers looking to siphon funds. They can access your account in various ways, including using malware and phishing attacks.
For anyone with a significant amount of funds on DeFi platforms, it’s natural to be concerned for the safety of your digital assets. Fortunately, there are plenty of ways to prevent your wallet from being hacked, and investors are recommended to use these methods to protect themselves and their funds.
- Atlas VPN: DeFi related hacks account for 76% of all major hacks in 2021
- Make Use Of: How Hackers Hack Crypto Wallets and How To Protect Yourself
- The Business of Business: Tips on How Not To Get Hacked in DeFi Land From Someone Who Audits Crypto Code for a Living
- Reddit: Security: How Not Get Your Wallet Hacked Through Defi Platforms
- Ciso Mag: 6 Ways to Protect Your Cryptocurrency Wallet from Digital Exploits