
Ways to lose money with a Bitcoin wallet & Protection guide for 2021

Updated: August 6, 2021 By Dean Chester

Losing crypto assets due to malicious actions of hackers and fraudsters is a very real threat. In this new extensive guide, I will share real cases of theft of Bitcoin and other cryptocurrencies, outline effective ways to protect wallets, and describe an almost 100% secure method of executing transactions step by step.

Ways to hack a bitcoin wallet

More than 10 years have passed since 2010 when the first cryptocurrency introduced by a developer or a group of developers under the pseudonym Satoshi Nakamoto became a real means of payment. Starting out as a technology primarily enjoyed by computer nerds, Bitcoin has become a popular means of payment with more than $1 billion in daily turnover.

At the same time, due to its decentralization and relative anonymity, Bitcoin has become one of the most coveted assets in the world of cybercrime.

  • How did Bitcoin become the main means of payment for cybercriminals?
  • Why is it easier to steal cryptocurrency than money from a card?
  • How are crypto exchanges hacked?
  • What is the main difficulty in storing Bitcoin?
  • How to make cryptocurrency inaccessible to thieves?

After reading this advanced guide, you will learn everything you need to know about storing and using Bitcoin and other cryptocurrencies safely. When writing this article, I used not only my experience with Bitcoin but also the knowledge of an experienced hacker who spoke about the current methods of stealing cryptocurrency. Irbis, as he calls himself, also helped me put together a step-by-step guide to protecting against crypto-malware and phishing.

How Bitcoin works

Within the framework of this article, I won’t reiterate the already discussed subjects of decentralization, blockchain, and the future of financial institutions. I will focus on the features of Bitcoin that make it vulnerable and on why, because of them, it probably won’t become a reliable and secure way to make payments and store assets in the future.

We will analyze the inherent vulnerabilities of cryptocurrencies that can negate all the positive features of the blockchain. Next, we will look at ways to minimize these disadvantages to make the most of this useful evolving technology.

Vulnerabilities of Bitcoin and other cryptocurrencies

Even though Bitcoin was created by Satoshi Nakamoto as an independent payment instrument not controlled by traditional financial institutions, it has weaknesses used by cybercriminals:

  • Ability to hide stolen coins so that their movement cannot be tracked;
  • Relative ease of making malware to steal cryptocurrencies (stealers);
  • Lack of consensus in different countries about whether a cryptocurrency is an actual currency or a commodity.

All these features make Bitcoin highly attractive to cybercriminals. The lack of control over its movement by the authorities makes cryptocurrencies an ideal tool for settlements between hackers, malware developers, rogue traders, and other participants in the world of cybercrime.

But the most important thing for us to keep in mind is the fact that Bitcoin is much easier to steal than, for example, money from a bank account.

This can be done in at least three different ways, which we will discuss further.

Given the increasing popularity of Bitcoin, I believe it’s imperative in today’s world to understand what technologies and skills cybercriminals are using in their pursuit of digital assets and how to protect yourself against them effectively.

Pros and cons of Bitcoin 

Countless articles dedicated to the benefits of cryptocurrencies exist on the Internet. The authors usually like to highlight the following main pros:

  • Decentralization of Bitcoin,
  • The ability to conduct financial transactions from anywhere in the world bypassing the traditional systems of control over financial activities,
  • The possibility of making payments without a trusted intermediary (bank)
  • The inability of governments to influence or control Bitcoin and the blockchain.
  • High payment anonymity. 

However, its significant cons follow directly from these pros:

  • A lack of a responsible party,
  • An impossibility to restore access to the wallet if access keys are lost,
  • Increased attention from cybercriminals,
  • Not being able to obtain compensation for the theft of cryptocurrency,
  • No restrictive measures by the authorities,
  • Openness to financial speculation due to its high volatility against fiat money.

We are primarily interested in the technical features and how hackers steal Bitcoin. It is in these areas that many users have a noticeable knowledge gap. The knowledge we aim to provide in this article will help avoid most of the trouble.

So, what can we personally do to make sure that the disadvantages of cryptocurrencies don’t outweigh their advantages?

  1. Buy Bitcoin properly;
  2. Store it properly;
  3. Apply measures to protect against cryptocurrency theft;
  4. Properly and safely execute transactions.

Keep reading and you will find out everything you need to know to use Bitcoin properly. We will provide comprehensive information on each of the points, supplementing it with step-by-step instructions and examples.

But first, we will show the dynamics of the development of cybercrime related to Bitcoin, and analyze the largest cases of Bitcoin theft and extortion. The information provided will help better understand the nature of the threats that lie in wait for the owners of cryptocurrencies.

Some statistics

The year is 2021, which will go down in history as the year of record growth in the rate of Bitcoin and other crypto-assets. The large-scale penetration of cryptocurrencies into the life of society began in 2017, when the almost continuous growth of the Bitcoin exchange rate from less than $1,000 to $20,000 within one year gave birth to a new class of society - crypto millionaires.

These people, as a rule, bought coins even before most of us knew about them. Many got them almost for free by mining or bought them for $10-$100 a few years before the boom. Also, new cryptocurrencies began to appear, some of which increased in value hundreds and even thousands of times over months or even weeks.

All this led to the fact that millions of people began to purchase cryptocurrency for passive earnings, trading on emerging crypto-exchanges, or investing in DeFi projects.

At the same time, few people still understand well how Bitcoin works, what dangers lie in wait for its owners, and how to use it safely.

As a result, the number of cryptocurrency thefts, which could have been easily avoided, is increasing every year.

Take a look at the chart showing the value of cryptocurrency theft worldwide from 2016 to 2020:

Value of cryptocurrency theft worldwide from 2016 to 2020

Image source - statista.com

As you can see, since 2018, the amount of losses ranges from $370 million to almost $1 billion.

According to other estimates, the amount of stolen crypto assets in 2018 was more than $1.1 billion. Consequently, the growth dynamics of crimes related to Bitcoin may be even worse.

Obviously, in 2021 this figure will become even higher than in 2018. Already at the time of writing this article, the Bitcoin exchange rate has exceeded $60,000, which is 3 times more than 3 years ago. At the same time, it has become much easier to acquire it, and, therefore, many more people have wallets with Bitcoin, Ethereum, Litecoin, Binance Coin, and other coins.

According to Reuters data, the equivalent of nearly $2 billion in cryptocurrencies was stolen in 2020.

Here's another interesting fact.

It's no secret that in recent years, many cybercriminals previously operating in banking (credit card theft, banking Trojans, etc.) have switched to ransomware. For those who don’t know what ransomware is, it is malware that encrypts all important data on a device (computer, smartphone, server on the Internet, or a company's local network) while aiming to further extort the data owner for a financial ransom.

Most often, it is a Bitcoin payment that is demanded for the decoding and restoring of crucial data. Moreover, the scale of the work of ransomware groups is staggering:

  • The threshold to enter the REvil Affiliate Hacking Program alone is $100,000 per week. This is the minimum income that affiliate hackers distributing their malware should generate;
  • There are dozens of ransomware groups;
  • There is no effective countermeasure to such attacks. Back in 2019, Cybercrime Magazine calculated that ransomware would attack businesses every 10 seconds by the end of 2021.

The dynamics of the increase in crimes involving Bitcoin and other cryptocurrencies are reflected in the following diagram:

Value of cryptocurrency theft worldwide from 2016 to 2020

Image source - blog.chainalysis.com

Please pay attention to the red column. That's the increase in the use of ransomware every year. And where there is ransomware, there is Bitcoin. In fact, in 2020 alone, the indicator tripled. Growth will continue in 2021. If we add to this the theft of cryptocurrencies, it becomes apparent that cybercrime involving Bitcoin payments is quickly taking a leading role.

Ransomware is worthy of a separate article. However, the scope of this article is Bitcoin theft and how to protect ourselves against it.

The main headache for ordinary users is stealers (malware used to collect sensitive information). As for cryptocurrency, such Trojans can not only steal keys and wallet numbers but also change the recipient's details on the fly. Such malware is often referred to as crypto grabbers. For example, the ElectroRAT malware worked stealthily on thousands of computers, stealing data from crypto wallets while unsuspecting users were executing their transactions.

We will describe the stealer in more detail and provide an example of how it works.

Scatter of data when calculating the share of cryptocurrency in crimes

In 2020, the US authorities tried to calculate the role of Bitcoin and other cryptocurrencies as a payment tool in committing various crimes.

According to them, about 1.1% of all transactions on the Bitcoin network were criminal. You may say – “That doesn’t seem so bad, does it?” I thought so too, but then I came across a document indicating that 3 out of 4 cases of money laundering were committed with the help of cryptocurrencies. According to Jonah Force Hill, Senior Cyber Policy Advisor for the Secret Service, the actual rate of crime related to cryptocurrencies ranges from 1.1% to 75%.

Why does the data vary so much, and what is behind these dry numbers?

All the available statistics translate the amount of damage from Bitcoin, Monero, and other coins into fiat money, usually US dollars. This greatly distorts the final numbers, since the calculation is often carried out without analyzing the cryptocurrency exchange rate, which can change several times in a short period of time.

Also, no one can reliably determine the scale of theft and extortion for four main reasons:

  1. There is no centralized accounting. Unlike the traditional banking system, crypto wallets aren’t protected or managed from a single location in any way. Therefore, there is no reliable reporting. The exception is crypto exchanges. They work under the supervision of regulatory authorities. For example, in the United States, all exchanges are subject to the Securities and Exchange Commission;
  2. In many countries, Bitcoin doesn’t have a legal and agreed-upon status;
  3. Low crime detection rate;
  4. Many victims don’t want publicity.

Bitcoin-related crime statistics vary widely, but most security experts see an increase in cryptocurrency-related cybercrime activity.

Notorious cases

  • Electrum hack, Ledger data leak
  • Hacking and stealing EXMO exchange funds
  • Phishing on behalf of Elon Musk
  • Scam DeFi-project Compounder Finance
  • Gangster torture with a drill

Using the example of the incidents described below, I want to clearly show how large-scale and dangerous hacker actions can be when it comes to Bitcoin or other cryptocurrencies.

To do this, I selected 5 attacks of different kinds, committed from 2014 to 2021. Cumulatively, they prove that today it isn’t the blockchain itself that is vulnerable, but the services and programs that connect it with the real world. Also, attacks on cryptocurrency holders regularly occur.

Electrum Hack, Ledger Data Leak

I'll start with two cases that will help dispel the myth about the invulnerability of "cold" wallets and expose the points of "hot" wallets susceptible to attacks.

As you know, the only way to protect any electronic information from theft is to disconnect it from the Internet. And it really works. It is absolutely impossible to steal the tokens that are stored in such a wallet, unless ...

This is the essence of the vulnerability of all electronic wallets - the need to use specialized software that connects the crypto user, his wallet and their transactions with the blockchain.

Looking ahead, I want to say that there is an effective, but somewhat time-consuming way to protect transactions 100%. I will describe it at the end of the article.

Most token holders take the easy route and use whatever makes it easier to use cryptocurrencies. And that exposes them to potential risks and cyber attacks.

Electrum attack

One of the most popular hot wallets, Electrum, was hit by a successful phishing attack at the end of 2018, the consequences of which were also felt by users in mid-2019 and late 2020.

The attackers found a way to show wallet owners messages that appeared to be legitimate. According to these messages, the intended victim needed to immediately download and install an Electrum update from a GitHub repository.

Electrum phishing message

Image source - zdnet.com

The repository provided in the messages, of course, belonged to the attackers and distributed malware that steals cryptocurrency.

Moreover, this was done not by sending phishing emails or redirecting users to fake sites, but by skillfully using a feature of the Electrum system. Fraudulent messages came directly from within the e-wallet network.

Electrum is essentially a network of nodes on the Internet, united into a common structure. Moreover, anyone can launch their own node.

This is what the hackers did.

They distributed phishing messages through their node with an urgent request to update the client software from a domain similar to the real one. When updating, users installed a modified version of the Electrum wallet which, unlike the real wallet, asked for the one-time password that is used when making a transaction. After that, the malware integrated into the software was able to transfer funds out of the affected wallets.

It is worth noting that the message looks strange, to say the least. There are 3 immediate red flags telling you not to rush to update the app:

  1. There is no direct download link. Applications never write the name of the site for downloading updates in the window displaying the error. If you need to redirect the user to a website, then a fully functional hyperlink is published, one that you can click on.
  2. The message appears at the wrong moment. Messages of this kind, as a rule, appear after an attempt to perform some action, for example when checking the balance.
  3. There are no signs of real issues with the wallet. The overwhelming majority of phishing messages in any area have one thing in common - if you ignore them, nothing happens. It's the same with Electrum. If you close the window that appears and continue using the wallet, then everything will work fine.

Even though the Electrum developers have introduced restrictions on the operation of nodes and created a blacklist of unreliable servers, cybercriminals continue to carry out similar phishing attacks.

Over the years, more than $22,000,000 has been stolen from the accounts of inattentive Electrum wallet owners.

Ledger user data leak

In 2020, the systems of Ledger, the company that makes one of the most popular cold wallets, were breached by hackers.

The initial information came from an independent researcher who discovered a vulnerability on the company's website.

Soon it was reported that hackers also managed to gain access to the personal information of wallet users.

Later in December, hackers made the database freely available on an online forum. It is also known that this data was previously available on the black market.

The following information leaked publicly:

  • 1,075,000 emails
  • 272,853 orders with full info details (Phone numbers, addresses)

Let me remind you that using cryptocurrency isn’t legal in some countries, the largest of which is China.

For a complete list of countries in which the circulation of Bitcoin is officially prohibited, see the end of the article.

Also, it’s worth noting that quite often it’s simply impossible to legitimize the income received in cryptocurrency. Therefore, the leakage of data about crypto wallet holders can both cause immediate and real issues with the law and attract the attention of blackmailers.

Outcome

Cryptocurrency tokens were conceived as a means of making payments and any other necessary transactions between parties who don’t trust each other without an intermediary. At the same time, in the real world, few people can handle blockchain transactions without third-party programs and systems. In fact, it would appear that the intention of the original creators was foiled since we still need to trust someone to use Bitcoin and other tokens. And it is in this bundle of platforms and services where vulnerabilities are most often found.

UPD: In 2021, the MINA blockchain protocol is actively developing. Unlike existing blockchains, MINA doesn’t need every node on the network to have a complete copy of all blocks since its launch. Instead, short (22kb) snapshots of all transactions are stored on the devices of network participants. Thanks to this, MINA can create a protocol where there is no need for client-server communication, which will significantly increase the reliability of the network. 

Hacking and stealing EXMO exchange funds

The end of 2020 was full of hacking events. On December 12th, the cryptocurrency exchange EXMO, headquartered in the UK, reported that unknown hackers stole about 6% of its assets, compromising hot wallets. According to official EXMO statistics, the daily trading volume of the exchange is 2,273 BTC (almost $52,000,000), and the number of active traders is 27,795.

The hackers were able to withdraw stolen funds to these addresses:

List of compromised EXMO wallets

According to CoinMarketCap, EXMO is in 30th place in terms of number of traders, liquidity, and volume of transactions. The exchange is especially popular in the Russian-speaking community.

According to The Block Research, EXMO appears to have lost $10.5 million worth of funds.

How are these attacks carried out?

There are two main ways to hack crypto exchanges:

  1. Phishing attack. Attackers may come in contact with crypto exchange employees and trick them into opening a document infected with an exploit or going to a phishing site where special software steals authentication data. The goal of the attack is to install malware, which helps hackers penetrate the company's network and obtain unauthorized access.
  2. Exploiting the vulnerability of blockchain add-ons. Even if the blockchain itself is considered reliable enough to withstand any attacks, technologies added to it to help adapt to certain tasks may be susceptible to attacks. For example, the Ethereum network has smart contracts. This is a functional analogue of coins on the blockchain, a functionality that can scale within the blockchain. Smart contracts can contain bugs or vulnerabilities.

To access any crypto wallets, it is enough to obtain the secret access keys. Most often, they are intercepted with the help of stealers. Installing such malware is possible not only through phishing but also through social engineering or the actual bribery of employees.

Phishing on behalf of Elon Musk

The beginning of 2021 was marked by an unprecedented rise in Bitcoin’s exchange rate. As well as during the previous bull market in 2017, the news background played a significant role in this. I especially want to highlight Elon Musk, announcing Tesla's purchase of $1.5 billion in Bitcoin. After this event, Elon Musk became associated with good news and positive developments in the world of blockchain technologies.

Scammers took advantage of this situation and were able to earn about $580,000 in just one week on a scam distribution of cryptocurrency on behalf of Elon Musk on Twitter.

The described situation took place in January and was reported in the news. But that didn't stop Cologne-based Sebastian from losing £407,000 on a similar scam.

He got a Twitter message about the "Dojo 4 Doge?" from what appeared to be the official Elon Musk Twitter account. The tweet included a link to a professionally executed website that featured “the Tesla team”. The page offered visitors the opportunity to send the site owners anywhere from 0.1 to 10 Bitcoins for a limited time to receive in return twice as much.

Sebastian checked the accuracy of the information as best he could, but this wasn’t enough to recognize the fraud.

Whale Alert specialists registered an anonymous withdrawal of funds a few days after the transaction was completed. The information is available to anyone who knows the Bitcoin wallet number in question; they can look it up at https://www.blockchain.com/explorer.

Even though the victim can see the movement of the stolen funds in real-time, no one can stop it or return them to the sender. In my opinion, this is the main disadvantage of the blockchain. But otherwise, there would be no decentralization of Bitcoin.   

Scam DeFi project Compounder Finance

In recent years, DeFi (Decentralized Finance) has become widespread. Simply put, it’s investing in projects using blockchain technology. This became possible with the advent of the Ethereum network and its new possibilities of storing not only information about the movement of coins but also implementing so-called smart contracts on the blockchain. Those became an important component of DeFi.

However, as with Bitcoin, DeFi has some of the inherent disadvantages of cryptocurrencies.

Namely, the need to transfer access keys or seed phrases to manage your wallet.

On March 15, 2021, the Cream Finance DeFi project and the PancakeSwap decentralized exchange came under DNS spoofing attacks. As a result, visitors ended up on fake sites, where scammers tried to find out their seed phrases and private keys to gain access to wallets and steal funds.

To spoof DNS, a hacker needs to either gain access to the site's domain or compromise the DNS servers through which users visit the site. Both are quite difficult, but not impossible. In the case of Cream Finance, the attacker most likely carried out a phishing attack on the administrator of the GoDaddy registrar where the project's domain was registered. Despite high safety standards, GoDaddy employees became victims of phishers twice in 2020.

How can DeFi project participants fall victim to hackers?

DNS spoofing of domain records allows users to be redirected to a server controlled by criminals, where they can intercept any information sent by users. And the TLS encryption used in the HTTPS connection doesn’t protect against this kind of attack: an attacker who controls the domain's records can obtain a valid certificate for it.

In the case of Cream Finance, hackers tried to intercept access keys to the wallets of the company and its customers. If successful, they could anonymously steal all funds from compromised addresses.

How to protect your investment from theft?

In the case of a well-prepared DNS attack, it is almost impossible to notice that the site has been compromised. The only way to figure out that there is a threat of theft is by paying attention to unexpected requests for a secret key or seed phrases.

Gangster attacks

The last way to steal crypto assets on this list is the "gangster" method. It is done by physically attacking the owner of the cryptocurrency.

One of the most high-profile cases of such a robbery occurred in the Dutch city of Zuydeind.

According to the Telegraaf publication, in 2019, three unknown assailants, disguised as police officers, attacked the owner of the cryptocurrency when he was at home with his 4-year-old daughter. The criminals dressed in police uniforms tortured the investor in front of his little daughter, demanding to hand over the cryptocurrency to them.

Thierd H., 38, became the victim of a robbery raid. Robbers wearing masks and bulletproof vests violently tortured him, including using an electric drill on him. This also happened in front of a young child who is now undergoing psychological treatment.

According to the publication, the owner of the house was a bitcoin trader.

It is noteworthy that such crimes occur all over the world. There are also known cases of kidnapping with a ransom demand in cryptocurrency.

We’ve all watched exciting Hollywood films where criminals kidnap a victim, but they are caught during the physical transfer of the ransom. Imagine what criminal groups and individual kidnappers are capable of if the risk of being caught at the ransom drop is no longer a factor, since the transfer of cryptocurrency cannot be controlled or traced by any law enforcement agencies.

I predict an increase in the robbery of Bitcoin owners with its further spread in society.

How to protect yourself from burglars?

Often, the victims of robbers are people who blog on the Internet or otherwise advertise their income.

To minimize the risk, it is important to remain anonymous and avoid leaking information about your name and address.

Leakage of personal data is also possible when crypto exchanges and DeFi projects are hacked. Unfortunately, international rules force their owners to comply with KYC / AML. This means that user data is stored on those companies’ servers. Consequently, there is no full guarantee of the safety of the personal data of all owners of Bitcoin and other tokens who may not only store them in cold wallets but also invest them or trade on the exchange.

How to store Bitcoins and other cryptocurrencies correctly

It is known that Bitcoin coins can be stored in several ways:

Cold wallet

It is believed that the safest way to store Bitcoin is the so-called cold wallet. This is an external medium that stores a pair of values - the private and public keys of the Bitcoin wallet. It is this method of storing assets that crypto traders and crypto exchanges use to avoid the theft of large amounts of Bitcoin and other cryptocurrencies.

Pros of a cold wallet 

  • 100% protection against theft
  • Ability to store multiple cryptocurrencies

Cons of a cold wallet

  • May get lost or the hardware may fail
  • Requires confirmation of operations on the device, which slows down its use
  • Operations go through the client software of the device manufacturer
  • The need to remember an additional PIN or password to access the device
  • Attackers can gain access to cold wallet service accounts

The most common type of cold wallet today is the hardware wallet, or e-wallet.

The principle of operation of a hardware cold wallet is similar to the principle of operation of a regular flash drive. The external non-volatile medium stores data for managing transactions of blockchain addresses owned by the user. Typically, one such wallet supports multiple tokens.

Top 10 best cold wallets:

  1. Ledger Nano X is a second-generation hardware wallet from the French company Ledger. Supports over 1500 cryptocurrencies in 100 wallets. Ledger also comes with a USB Type-C cable, so it can be connected to either a computer or a smartphone. Supports Bluetooth connection.
  2. Trezor Model T is the second-generation hardware wallet created by Trezor. Trezor Model T is very similar to Ledger but gives the user the ability to access third-party exchanges Changelly and Shapeshift right from the site's interface.
  3. Ledger Nano S is a first-generation hardware wallet. It appeared shortly after the appearance of the first generation Trezor. No Bluetooth. Maximum 18 wallets.
  4. Coldcard is a Bitcoin-only storage solution that uses a MicroSD backup and provides multiple security solutions like decoy wallets, pins, and lockout timers. Looks like a mini calculator.
  5. BitBox02 is arguably the easiest hardware wallet to use. Has a quick setup with an intuitive interface. Available for desktops and Android. Also compatible with many thin hot wallets like Electrum, Specter, MyEtherwallet, HWI. Suitable for Bitcoin and ERC tokens.
  6. Opolo Cosmos features a relatively large 3.2-inch touchscreen. Has a built-in ability to exchange coins without connecting to a computer. Equipped with a built-in universal password manager suitable for Facebook, Gmail, and more.
  7. SafePal S1 is a cold wallet that works without connecting to a computer or smartphone. The only way to use it is by scanning the QR code. To sign the transaction, the device is brought up to the screen. Designed primarily for DeFi with Uniswap and Compound.
  8. Cobo Vault is a SafePal-like device for remote use. It features a larger screen and a fingerprint scanner.
  9. SatoChip is one of the cheapest hardware wallets on the market. It costs about $25, which is 5 times less than most of the listed wallets. The device looks like a bank card. It is somewhat inferior to competitors in functionality and the number of supported coins.
  10. SecuX V20 is a wallet of a Taiwanese company that has developed a device to work with both a mobile app and a web interface. Doesn’t require a connection to a computer.

There is also a simplified analogue of a cold wallet - a paper wallet. This is a small piece of paper on which the private and public keys are written. But this method also has a weak point - the need to generate keys on a third-party service.

So, in February 2021, more than $6,000,000 in Bitcoin was stolen from paper wallets created using the BitcoinPaperWallet service. A hacker obtained unauthorized access to their site and installed backdoor malware able to obtain generated keys.

Which electronic crypto wallet to choose?

As you can see, there are several hardware wallets out there today. How do you choose the best hardware wallet for Bitcoin and other cryptocurrencies and tokens?

You need to understand that invulnerable wallets don’t exist. In fact, they are all good for storing coins. As I said, a potential weak point for any cold wallet may appear while a transaction is executed.

Consider 3 options for signing transactions with hardware wallets:

  1. Signing the transaction by connecting via Bluetooth or USB. If this is a token transaction and at this particular moment a DNS attack is launched on the DeFi project site, hackers will be able to intercept the access key. If the computer is infected with malware that spoofs the recipient's address, the funds will go to the hacker's blockchain address.
  2. Signing the transaction by confirmation through a barcode. The result is similar to the first point. The method only excludes the possibility of hackers "getting" into the wallet system.
  3. Manual entry of the confirmation key. This option is also vulnerable if the computer or smartphone used is infected with malware. In addition, there is a threat of the entered key being intercepted by spyware that reads keystrokes on the keyboard. When using this method, I recommend using the onscreen keyboard.

Unfortunately, no matter how reliable the wallet is, hackers can steal coins and tokens at the time of transaction if a Trojan is in the control device's system.

Below I will provide step-by-step instructions for checking the system for Trojans.

Hot wallet

The most common Bitcoin wallets are the so-called hot wallets. Unlike cold ones, they don’t require an additional device and have wider functionality and capabilities.

The pros and cons of hot wallets are listed below, except for the so-called fat wallet, which is a complete blockchain node. I will tell you more about this type of wallets separately.

Pros of a hot wallet 

  • Extremely easy to use
  • Ability to store an unlimited number of coins and tokens
  • Ideal for frequent address changes
  • Access from any device
  • Compatible with cold wallets
  • Advanced functionality

Cons of a hot wallet

  • The coins are actually held by a third party
  • Less protection from hackers
  • Ability to intercept control using a MITM attack

The most popular is the web wallet. A light or, as it’s also called, a thin wallet is also used quite often. The strongest technologically is a full-fledged thick (warm) wallet. Below I will provide a brief description of each of them along with a comparison.

Web wallet (most common)

Do you own Bitcoin, Ethereum, USDT, or other coins and tokens and often operate with small amounts and change addresses?

Then a web wallet is the best choice!

Through the web interface, you can create an unlimited number of wallets for an unlimited number of coins and tokens without having to monitor the performance of your computer (smartphone).

Even if you have a thick wallet that stores bitcoins, you can easily create web wallets, transfer coins to them and use them for transactions in which you would not want to reveal the main address to others.

But I don’t recommend using such wallets for storing large balances. After all, the web interface gives only remote access to the storage, which is in the hands of a third party - the web wallet operator. There is no guarantee that it won’t be hacked or something won’t happen that could lead to a loss of funds.

In the next section, you will learn about the most reliable and secure way to store Bitcoin today.

Thick (warm) local wallet

Blockchains consist of a certain number of full copies of all mined blocks since the launch of the coin. Anyone can install their own Bitcoin node on their computer or server and thus avoid any unreliable intermediaries between their wallet and the blockchain.

Each such copy (node) works concurrently with all other nodes. Making a transaction on one node triggers a chain of synchronizations with the rest of the blockchain nodes. In this case, the transaction falls into a new block, which is mined by miners. As soon as the next block is mined, the transaction will be confirmed and will forever become part of the blockchain.

Thus, a thick hot wallet allows you to interact directly with the Bitcoin (or other coins) blockchain.

This method would be an ideal solution for storing and transferring cryptocurrency, if not for five disadvantages:

  1. The size of the copy of the Bitcoin blockchain is more than 330 GB at the time of this writing. At the same time, its size is growing linearly and by 2022 it will be approximately 450 GB.

    Bitcoin blockchain size growth chart


    In this regard, the size of the computer storage on which the Bitcoin node will be located must be more than 500 GB. It also excludes the possibility of installing such a wallet on a smartphone. 
  2. Requires a high-speed internet connection. Since each time it connects to the network, a node must synchronize with the rest of the Bitcoin network nodes, a fairly large amount of data will need to be exchanged.
  3. It will take a lot of computing power for the wallet to be able to sign transactions. 
  4. Management of a wallet is possible only from one device on which the node is located.
  5. Ability to keep one coin and one address. You will have to install one node for each Bitcoin address. This means that it is almost impossible to own multiple coins or even addresses. This isn’t only because it will take up a lot of hard disk space, but also there will be a conflict of ports on the computer.

But still, if the listed disadvantages aren’t decisive, then I recommend using this particular type of wallet.

A hot fat wallet allows you to be as independent as possible from intermediaries and avoid vulnerabilities in third-party software.

Below I will describe step by step the process of installing your own hot wallet and you can easily deploy it on your computer, subject to the minimum technical requirements.

Crypto exchange 

Finally, another way to store Bitcoin and often other coins and tokens is to open an account on a crypto exchange.

Pros of crypto exchanges for storing Bitcoin

  • No need to become the owner of your own wallet
  • It is possible to transfer cryptocurrency to fiat money and vice versa
  • Easy exchange
  • High anonymity for outside observers

Cons of crypto exchanges 

  • Crypto exchanges require identity verification 
  • Minimum withdrawal limits
  • A limited number of tokens
  • Risk of delisting tokens
  • Greater risk of losing control over funds than other methods

From my experience, it makes sense to use cryptocurrency exchanges to store coins when you need to frequently trade crypto or exchange it for fiat money, or if you need to hide the history of transactions. But at the same time, there are exchanges where operations with fiat aren’t available.

It is important to understand that exchanges aren’t suitable for the long-term storage of funds. If you don’t log into your account for a long time, then identity verification may be required.

But against all the shortcomings of this method, there is one most important advantage of keeping Bitcoin on a crypto exchange: when withdrawing, the transaction history is completely lost. This is because the exchange's money is stored in a limited number of addresses. Therefore, traders' coins are mixed with others, resulting in a complete loss of the ability to track previous transactions.

This, by the way, is used by scammers who steal cryptocurrency. However, I want to warn you that the exchange will instantly block your account if it receives information that the coins may be of criminal origin. Cybercriminals open accounts in the names of dummies. That is why the verification procedure has recently become tougher and more complicated. Most often, this requires a webcam to compare the new user with the scanned documents they sent.

It is also important to know that exchanges don’t like it when users carry out a lot of deposit and withdrawal transactions, but at the same time, they use little of the main functionality - trading crypto. If this is abused, then the account can be blocked.

Using a cryptocurrency exchange to store Bitcoin is convenient if you need to hide the source of funds for future transactions. But at the same time, the exchange is the riskiest way to store coins and tokens.

Preparing the system for storing Bitcoin

Before describing the process of installing a hot fat wallet with its own node, you must do two things:

  1. Make sure that the node can be installed;
  2. Scan the system for malware.

1. Checking the capabilities of the computer

Desktop computers and laptops running the following OS are suitable for installing the Bitcoin Hot Fat Wallet:

  • Windows 7/8/10
  • Mac OS X
  • Linux

The technical requirements for all of these platforms are the same:

  • 400 GB or more free disk space plus a one-time 340 GB download the first time you start Bitcoin Core (external storage can be used).
  • Downloading about 500 MB per day (15 GB per month)
  • Upload 5 GB per day (150 GB per month)
  • 1 GB RAM
  • Processor frequency > 1 GHz

2. System check

The most important step in preparing for installing a hot wallet is checking and cleaning the system from malware.

Spyware Trojans are especially dangerous. They are capable of transmitting to the hacker's control server all user actions (keystrokes, cursor moves, and mouse clicks) and, which is especially dangerous, all sorts of temporary files that can be used to access the wallet while bypassing the password.

How to check the system?

Ideally, it's best to use a freshly installed system.

If you are installing Windows or Linux yourself, then don’t download it from torrent sites. It isn’t uncommon for hackers to use torrents to distribute malware. They post hacked free versions of Windows and at the same time can infect the system with a Trojan that will give remote access to the system without the user's knowledge.

If you are installing a Bitcoin wallet (or a wallet of any other coin) on an already used system, then follow 3 simple steps to check and protect Windows:

  1. Scan the system with the free Dr.Web CureIt utility. It is one of the most effective tools for finding and removing Trojans from the system, which even hackers trust.
  2. Uninstall all programs that you can do without. This is to prevent hackers from getting into your system through infected system updates in the future. This method, for example, was used to hack US government organizations in 2020.
  3. Install antivirus software and set up a complex password on it. The password helps protect your antivirus from being disabled by malware.

To secure transactions 100% from hacker attacks, it’s better to use two computers. One will have a node connected to the network and a transaction control panel, and the other will have an autonomous (disconnected from the Internet) copy of the wallet without a full Bitcoin node for signing transactions. Read more in the next chapter.

Setting up your Bitcoin node

The most widespread and time-tested hot fat wallet for Bitcoin is Bitcoin Core. This is free software that combines two modules:

  • The wallet itself
  • Node management software

Step-by-step instructions for installing and configuring Bitcoin Core

  1. Download and run the Bitcoin Core installer. Go to https://bitcoin.org/en/download, download, and run the file.

    If you see the window shown in the figure below, then follow the additional steps described below the screenshot. If the window doesn’t appear, then go to step 2.

    Bitcoin Core installation lock window

    The crux of the problem is that Windows recognizes the blockchain code as dangerous. In fact, this isn’t the case, as many experts have confirmed.

    • Click “Search” on the Windows taskbar, type “cmd,” but don’t press “Enter”.
    • Right-click on Command Prompt and “Run as administrator”.
    • Click allow.
    • Type the following command: net user administrator /active:yes. It should tell you “The command completed successfully”.
    • Click the windows button.
    • Click on the Person button with your name, sign out.
    • Sign in again with the Administrator, there should be an option at the lower left.
    • Run Bitcoin Core setup.
    • After completing the installation, switch to your regular user. You can disable the Administrator account by running the net user administrator /active:no command in the same way as in the previous steps.
  2. Configure the installation path. Select the folder where you want the software to be installed. This isn’t a node yet, so it isn’t necessary to select a disk with a large amount of free space.

    Choosing a folder to install Bitcoin Core

  3. Install and run the software.

    Bitcoin Core installation process

  4. Select a location to download the node. 

    Choosing the path and option for installing the node

    Pay attention to the Discard blocks after the verification setting. This is a very useful option that will allow you to clear most of the occupied space, since Bitcoin Core will calculate the necessary parameters for past transactions and delete all old blocks from the database, leaving only about 2 GB of data.

    In this case, the functionality of the wallet won’t be affected in any way. 

  5. Finish installing the wallet. After clicking on OK, the download of the blockchain data will start. Even at a speed of 100 MB/s, it will take at least an hour.  

    Bitcoin blockchain data loading process

  6. Creating a wallet. Click on Create a new wallet, then enter the wallet name and select options like in the screenshot. Then enter the passphrase.

    Creating a new wallet Bitcoin Core

    Choosing options for the new Bitcoin Core wallet

    Entering passphrase for new Bitcoin Core wallet

Pay particular attention to the complexity of the passphrase. It should be long and complex, and at the same time easy enough for you to remember.

I recommend choosing short rhymes or sayings as passphrases. It is almost impossible to brute-force passphrases longer than 8-9 characters, and there is no need to store a long password on a disk or a piece of paper.

Here is a real example of the encryption strength of such passphrases. About 10 years ago, the FBI caught a Russian hacker. He had an encrypted section of his laptop. The specialists were unable to crack or guess the password. When the hacker decided to cooperate and gave out the password, it turned out it was a popular Russian rhymed verse, typed with errors and punctuation marks.

Multi-signature wallet

So, we checked the system and installed our wallet, which doesn’t need intermediaries and is protected by cryptography.

Is this enough to store Bitcoin securely?

In most cases, yes, but it still doesn't provide 100% protection.

How to make sure that no hacker can steal our coins?

Use multi-signature (multisig).

In this case, transactions must be signed in two different wallets located on different computers. Moreover, you may not even have access to this second wallet. It can be owned by someone you trust.

Since version 0.17.0, Bitcoin Core has supported the partially signed bitcoin transactions (PSBT) framework, BIP 174. And since version 0.20 (2020), it also supports sortedmulti functions.

There are several types of multi-signatures:

  • 1-of-2: a joint account of two business partners - the signature of either party is enough to spend the funds.
  • 2-of-2: Combined savings account of two business partners - both signatures are required to spend funds, which prevents one of the account holders from spending funds without the approval of the other.
  • 2-of-2 with two-factor authentication: one is stored on the computer and the other on the smartphone. Funds cannot be spent without the signature of both devices.
  • 3-of-5: low-trust donation address - each of the five trusted project participants keeps a private key. Three people can spend funds, but anyone can transfer donations to the address of the project. Such a scheme reduces the risk of waste, hacking, virus infection, or of one participant losing interest in the project. The blockchain displays which private key was used in the final signature, which improves record keeping.
  • 2-of-3 (1): buyer-seller with a trustless escrow account - the buyer transfers money to a 2-of-3 address, the seller acts as the third arbiter. If the transaction is successful, the buyer and seller both sign the transaction, returning the funds to the seller. If a failure occurs, they can sign the transaction to return the funds to the buyer. If they cannot agree, both turn to a third party who acts as an arbiter and provides a second signature to the party that deserves it. The arbitrator cannot steal funds because he has only one key.
  • 2-of-3 (2): the board of three managers holds the funds of the company or organization - these funds cannot be spent without the consent of any two of the three managers. For large organizations, larger multi-signature transactions are possible - 3-of-5, 5-of-9, etc.
  • 2-of-3 (3): hot storage wallet for businesses. The Bitcoin exchange stores one private key online and another private key as a paper reserve. A separate cybersecurity company stores the third key online and signs transactions only after a number of factors have been verified (absence / presence on black and white lists, not exceeding the limit on the number of withdrawals in a certain period, two-factor authentication, regulatory compliance, etc.). If the hot wallet of an exchange or company is hacked, bitcoins cannot be stolen. If a cyber defense company goes out of business, the exchange can access the funds through a paper reserve.
  • 2-of-3 (4): decentralized cold storage cell - one of the keys is kept by the user in the safe at home, the second - in the safe deposit box, and a copy of the third key is kept by a close friend of the user and his relative in his office. The home safe is protected from burglars, as spending money requires a visit to a friend, bank, or office.
  • 2-of-2 smart contracts: TumbleBit, Coinswap, Lightning Network.
  • 1 or 3-of-4 distributed reserve: the primary user can use the wallet at will, but if that owner loses their private keys, they can be recovered with the help of three of four other trusted friends / organizations. One key is kept in a safe deposit box, the other three are kept by friends. In the event of the death of the owner, the cell with funds, according to his will, can be transferred to one of his trusted friends or someone who can use the help of trusted friends.

However, this method has a significant drawback - using multi-signature isn’t easy, since you need to use the command line. There is no multi-signature support in the Bitcoin Core GUI.

An example of using multi-signature

There are quite a few examples of a practical application of multisig with Bitcoin Core using the command line on the Internet.

Redditor u/Pantamis has published a step-by-step guide on how to set up a cold wallet bundled with Bitcoin Core to achieve almost 100% transaction security. Here is an adapted version of the multisig variant.

To work with the commands presented, you need to have Python installed, as well as HWI with Git.

The following describes how to implement multi-signature with k of n setup. If you don’t want to spend time learning each of the steps provided, you can use the command at the end of the instructions.

  • Use HWI to get the n xpubs and fingerprints of all your hardware wallet signers (basically, you will execute a command like ./hwi.py enumerate to get the fingerprint fffffff and ./hwi.py -f fffffff getxpub derivation_path for each of the hardware wallets used in the multisig setup; air-gapped ones normally have a native way to get the xpub).
  • Create a blank wallet in the Core console (or CLI) with createwallet "Name_wallet" true true; the first true disables private keys and the second makes the wallet blank. Load this wallet in the Qt command line (you must select Name_wallet in Qt at the top of the command line, or load it with loadwallet). All commands must be run with this wallet loaded (don't load another one in between).
  • Let's detail the descriptors we can use. For a P2SH (legacy) multisig setup it looks like sh(sortedmulti(k,...)), for a P2WSH (native segwit) setup wsh(sortedmulti(k,...)), and for a P2SH-P2WSH (segwit) setup sh(wsh(sortedmulti(k,...))). Because we all want to save on fees, I will take P2WSH for what happens next, but you now know how to get the other address types. Our descriptors will look like wsh(sortedmulti(k,[path1]xpub1.../0/*,[path2]xpub2.../0/*,...,[pathn]xpubn/0/*)) for receiving addresses and wsh(sortedmulti(k,[path1]xpub1.../1/*,[path2]xpub2.../1/*,...,[pathn]xpubn/1/*)) for change. pathm is the derivation path of the m-th xpub of our setup (the order of the xpubs doesn't matter). But be careful: for a derivation path like m/44'/0'/0'/312 you must write the path as fffffff/44h/0h/0h/312, where fffffff is the fingerprint of the xpub m given by HWI and h replaces ' (otherwise it is harder to input in the command line, since you need to type \' instead of ' each time).
  • We need to get the checksum of the descriptors we use. We call getdescriptorinfo "wsh(sortedmulti(k,[path1]xpub1.../0/*,[path2]xpub2.../0/*,...,[pathn]xpubn/0/*))" and getdescriptorinfo "wsh(sortedmulti(k,[path1]xpub1.../1/*,[path2]xpub2.../1/*,...,[pathn]xpubn/1/*))". In the two cases, the result is a JSON with a new descriptor (we don't care about it) and a field like so "checksum": "nefdbkdf". This second string is what we want, we name checksum0 and checksum1 the checksum results of the two calls.
  • We import the 2000 first receiving addresses with importmulti '[{"desc": "wsh(sortedmulti(k,[path1]xpub1.../0/*,[path2]xpub2.../0/*,...,[pathn]xpubn/0/*))#check_sum0", "timestamp": birth_timestamp, "range": [0,2000], "watchonly": true, "keypool": true}]'. You recognize the same first descriptor and we append checksum0 to it with a # . If you didn't use this wallet setup before (in Electrum ...), set birth_timestamp to "now" else input a timestamp close to the first time you used the wallet to avoid a full rescan (if you don't remember, delete it from the call and enjoy a coffee during full rescans)
  • We import the 2000 first change addresses with importmulti '[{"desc": "wsh(sortedmulti(k,[path1]xpub1.../1/*,[path2]xpub2.../1/*,...,[pathn]xpubn/1/*))#check_sum1", "timestamp": birth_timestamp, "range": [0,2000], "watchonly": true, "internal": true}]'. Notice that the keypool isn’t set, so it is set to false: the keypool is needed to show you receiving addresses one by one to avoid addresses reuse. For change addresses, we need to set internal to true so that they are added to the outputs as change automatically.

DONE! You should get the same addresses as Electrum and you can create addresses to receive crypto in Qt! To send money, simply go to the send section, use the new coin control feature, and export a partially signed transaction. You can use HWI or Electrum to sign it with your hardware wallets.

Note: you can import more or fewer than 2000 addresses of each type. If you import fewer, rescanning the blockchain will be faster, but you may need to repeat the commands described above later when all addresses have been used once. If you import more, then rescanning the blockchain will take longer.

If you like doing things in one shot you can do the last two steps in one big command: importmulti '[{"desc": "wsh(sortedmulti(k,[path1]xpub1.../0/*,[path2]xpub2.../0/*,...,[pathn]xpubn/0/*))#check_sum0", "timestamp": birth_timestamp, "range": [0,2000], "watchonly": true, "keypool": true}, {"desc": "wsh(sortedmulti(k,[path1]xpub1.../1/*,[path2]xpub2.../1/*,...,[pathn]xpubn/1/*))#check_sum1", "timestamp": birth_timestamp, "range": [0,2000], "watchonly": true, "internal": true}]'.
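The descriptor, checksum and importmulti steps above, scripted as an added example (it is not part of the original guide or of Bitcoin Core). It builds the receiving and change wsh(sortedmulti(...)) descriptors, computes the checksum offline with the BIP 380 descriptor checksum algorithm so it can be compared with the "checksum" field that getdescriptorinfo returns, and prints the one-shot importmulti command. The function names are this example's own, and the fingerprints, derivation paths and xpub strings are constructed placeholders to be replaced with the HWI output.

```python
import json
import re

# Descriptor checksum constants from BIP 380.
INPUT_CHARSET = ("0123456789()[],'/*abcdefgh@:$%{}"
                 "IJKLMNOPQRSTUVWXYZ&+-.;<=>?!^_|~"
                 "ijklmnopqrstuvwxyzABCDEFGH`#\"\\ ")
CHECKSUM_CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GENERATOR = [0xf5dee51989, 0xa9fdca3312, 0x1bab10e32d, 0x3706b1677a, 0x644d626ffd]

def _polymod(symbols):
    chk = 1
    for value in symbols:
        top = chk >> 35
        chk = ((chk & 0x7ffffffff) << 5) ^ value
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GENERATOR[i]
    return chk

def _expand(desc):
    # Each character yields a 5-bit symbol; every 3 characters add a group symbol.
    symbols, groups = [], []
    for ch in desc:
        pos = INPUT_CHARSET.find(ch)
        if pos < 0:
            raise ValueError(f"character {ch!r} is not allowed in a descriptor")
        symbols.append(pos & 31)
        groups.append(pos >> 5)
        if len(groups) == 3:
            symbols.append(groups[0] * 9 + groups[1] * 3 + groups[2])
            groups = []
    if groups:
        symbols.append(groups[0] if len(groups) == 1 else groups[0] * 3 + groups[1])
    return symbols

def descriptor_checksum(desc):
    """Return the 8-character checksum of a descriptor given without '#...'."""
    chk = _polymod(_expand(desc) + [0] * 8) ^ 1
    return "".join(CHECKSUM_CHARSET[(chk >> (5 * (7 - i))) & 31] for i in range(8))

def verify_checksum(desc_with_sum):
    """True only if the text after '#' matches the recomputed checksum."""
    desc, sep, given = desc_with_sum.rpartition("#")
    return bool(sep) and len(given) == 8 and descriptor_checksum(desc) == given

def key_origin(fingerprint, path):
    """Write m/44'/0'/0'/312 as <fingerprint>/44h/0h/0h/312 (no quotes to escape)."""
    if not re.fullmatch(r"[0-9a-fA-F]{8}", fingerprint):
        raise ValueError("a real fingerprint is 4 bytes, i.e. 8 hex characters")
    if not re.fullmatch(r"m(/\d+['h]?)+", path):
        raise ValueError(f"unexpected derivation path: {path}")
    return fingerprint.lower() + path[1:].replace("'", "h")

def multisig_descriptor(k, signers, branch):
    """branch 0 = receiving addresses, branch 1 = change addresses."""
    if not 1 <= k <= len(signers):
        raise ValueError("k must be between 1 and the number of signers")
    keys = ",".join(f"[{key_origin(fp, path)}]{xpub}/{branch}/*"
                    for fp, path, xpub in signers)
    desc = f"wsh(sortedmulti({k},{keys}))"
    return f"{desc}#{descriptor_checksum(desc)}"

def importmulti_request(k, signers, timestamp="now", count=2000):
    # keypool only on the receiving branch, internal only on the change branch.
    receive = {"desc": multisig_descriptor(k, signers, 0), "timestamp": timestamp,
               "range": [0, count], "watchonly": True, "keypool": True}
    change = {"desc": multisig_descriptor(k, signers, 1), "timestamp": timestamp,
              "range": [0, count], "watchonly": True, "internal": True}
    return [receive, change]

# Constructed placeholders, not real keys: substitute the values HWI returns.
SIGNERS = [("1a2b3c4d", "m/48'/0'/0'/2'", "xpubPLACEHOLDERoneFROMhwi"),
           ("5e6f7a8b", "m/48'/0'/0'/2'", "xpubPLACEHOLDERtwoFROMhwi"),
           ("9c0d1e2f", "m/48'/0'/0'/2'", "xpubPLACEHOLDERthreeFROMhwi")]

if __name__ == "__main__":
    print("importmulti '" + json.dumps(importmulti_request(2, SIGNERS)) + "'")
```

If the checksum computed here differs from the one getdescriptorinfo reports for the same string, a character changed somewhere between the two machines. The checksum only catches transcription errors, so the xpubs themselves still need to be compared with what each hardware wallet displays.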

I would like to point out that the multi-signature method described above should only be used if you need to achieve a paranoidly high level of transaction security. It is much easier to use Bitcoin Qt or Electrum, where this functionality is available without the command line. But at the same time, it is worth accepting the additional risks of third-party software.

Conclusion

Today, it is clear that Bitcoin and other cryptocurrencies, tokens, and other blockchain-based technologies have firmly entered our lives. This brought the new possibility to make payments anonymously and securely, to invest or simply store your funds.

But the pros of blockchain are also its cons. If the traditional financial system has developed reliable ways to counter cybercrime, then Bitcoin, on the contrary, contributes to it.

Most hackers and scammers have turned their attention to cryptocurrencies. This is due precisely to the anonymity of the blockchain and the impossibility of exercising control over transactions. In reality, if your funds get to the hacker's wallet, then no one except the hacker himself can return them.

Based on all this, I urge you to not be afraid to use this incredibly convenient and promising technology but to take the necessary measures to protect your wallets and transactions.

To summarize the recommendations, it is important to adhere to the following rules:

  • Carefully monitor the health of the electronic device used (computer, smartphone, electronic wallet),
  • Recheck the recipient's address, even if it is pasted from the buffer,
  • Only store substantial amounts of coins and tokens in the secure hot and cold wallets detailed in this article,
  • Protect large transactions with multi-signature. 

____________________________________________________________________________________________

If this article has been useful to you, please tell me in the comments what new information you discovered after reading it. If you think the information isn’t complete, then please write your opinion on what can be improved. You can also ask any questions about the topics discussed in the article; I will be glad to answer everyone.

Dean Chester.

Senior Researcher
Dean Chester
Cybersecurity and online privacy expert and researcher. He's been published on OpenVPN, EC-Council Blog, DevSecOps, AT-T Business, SAP Community, etc. Dean has been testing VPNs for 8 years.
