The crypto industry has been hit with a rise in cyber attacks from an increasingly audacious underworld of shady cypher crooks, and for more than 10 million active user wallets MetaMask lead developer Dan Finlay represents the guardian angel shielding their assets.
Dan sat down with Coin Rivet to explain the greatest threats facing the industry today and advise on what you can do to protect your wallets.
“We have enough of our society running on computers already, but we were willing to shrug off the constant dangers of identity theft or vulnerable infrastructure, maybe because it all felt distant and easy to ignore for most people,” explained Dan.
“When any individual can participate in holding digital assets whose integrity is only enforced by code and a network of peers, suddenly ‘how do I keep my computer safe?’ becomes a question that more and more people are asking”.
Indeed, 2021 alone saw more than $1bn in digital assets stolen and record-breaking crypto heists at Poly Network ($611m – the biggest ever crypto exploit) and Cream Finance ($148m stolen).
“One of the biggest threats today is just phishers – social media has made it trivially easy to impersonate anyone, and so many unsophisticated users are demonstrably vulnerable to deception, and this is a current plague over the internet that needs serious attention,” said Dan.
“Beyond that, we’ve seen some more sophisticated targeted attacks against high-profile high-net-worth individuals, and people in that position should be taking security even more seriously”.
With cyber criminals on the lookout for vulnerable crypto holders more now than ever, Coin Rivet asked MetaMask’s Dan Finlay what people can do to secure their stacks. He explained that the biggest cause of asset loss was often the simplest.
“A lot of loss relates to people rushing into crypto before they understand the implications of what they’re doing: Some users will lose their account backups, or users will just invest in the latest thing, even if it’s just getting promoted by strangers,” he said.
“The next easiest step is to get a hardware wallet and responsibly review transactions on its screen, adding a large hurdle for a hacker who might be able to compromise your computer.
“There are then ways to distribute the authority of some assets across more machines, either as a collective ‘DAO’ or with a ‘multi-sig’ contract account – over time I think we’ll see even more creative ways of ensuring that each device is trusted with just enough value to operate – the ‘principle of least authority’.”
The level of security should really be proportional to the value of your holdings, and multi-sig contract accounts are more suited towards those with significant crypto wealth to protect; and a willingness to compromise on the functionality of the wallets. However, it would seem everyone could benefit from implementing more general cyber security on their hot-wallet hardware.
“Also learning about how to keep your computer free of viruses – for example, many users don’t realise that just running an untrustworthy application on Windows is enough to let an attacker steal everything,” he added.
Las Vegas, US, 1st November 2024, Chainwire
From digital art to real-estate assets, NFTs have become a significant attraction for investors who…
Singapore, Singapore, 21st October 2024, Chainwire
HO CHI MINH, Vietnam, 17th October 2024, Chainwire
London, UK, 16th October 2024, Chainwire
Sinagpore, Singapore, 16th October 2024, Chainwire