Latest on ATNET:

#crypto-opsec #crypto-trading-strategy
#crypto-fundamentals #yield
Roc  · 06/17/22

Security Concerns of DeFi & Crypto: Steps you can take to minimize your risks

06/16/22 · Crypto trading 101
Altcoin Trading Blog
Glossary entries for this post
crypto-opsec
cryptocurrency-wallet
crypto-trading-strategy
crypto-trading-technique
pattern-trading
crypto-technical-analysis
ROC
Browse The Most Searched-For Topics
hub
dca
Key points
  • Platform risks are as strong as in the MtGox days
  • Phishing is something you can prevent
  • Ledger-wide risks are more important in new blockchains
  • Uses shrimpy  ( + more posts) 
  • Uses ftx  ( + more posts) 
  Tradingview never trade alone

When crypto first became somewhat known in 2012, it was touted as being hack-proof, making it the safest form of digital currency transfer available. From today’s point of view, that looks reminiscent of the good old days when everyone believed that Mac OS is immune to computer viruses.

Today, crypto is seen as an effective tool for ensuring data integrity but it's not completely secure. If you're using blockchain for online money transfers to suppliers, vendors, mobile casino sites, or for any other reason, you need to be aware that there are risks and how you should mitigate those dangers.

Blockchain Security: Every new application brings vulnerabilities

Distributed ledger technology, also known as the blockchain, along with the cryptocurrencies that are powered by this blockchain technology, have experienced successes and failures since they were first introduced but blockchain's biggest success is that it has become an essential method of transferring funds throughout the world.

Applications of blockchain are constantly expanding - look at stablecoins, DeFi, NFT platforms.

But new applications bring vulnerabilities to breaches in security – perhaps not the same kinds as TradFi online banking methods but still, open to compromise.

Decentralisation is not a panacea

In the early years of blockchain, it was seen as an ideal technology for cybersecurity because it is decentralized. There are a wide range of applications in distributed ledger technology in areas such as permissioned sharing of financial data, encrypted messaging platforms, medical data sharing and monitoring of credit scores or money laundering.

Today we know that, while blockchain may be a better choice security-wise than conventional money transferring platforms, there are still issues to be resolved.

  • There are platform-based types of vulnerabilities such as coding errors that give hackers an entry point into the ledger.
  • The complexity of some DeFi applications leads to user mistakes that can make them vulnerable to breaches.

The security of blockchain technologies, services and applications is dependent on their inherent weaknesses and while no blockchain-based large-scale hack has yet occurred, there have been small-scale hacks and it's not impossible that a larger one could occur.

In short, blockchain keeps evolving but so does the cybercrime. Hackers can look forward to more powerful tools and more sophisticated algorithms that are beginning to dominate the market that gives hackers new ways to compromise the security of the blockchain.

Security Issues from the User’s Point of View

As a DeFi user, active trader or crypto investor, here are the most important issues that you should watch out for:

  1. Attack on the platform

    Decentralized platforms come with all sorts of system designs, some rather poor. It is a good practice to have a security audit to any application based on smart contracts, but that does not make a DeFi platform immune to all vulnerabilities.

    Custodial “DeFi” platforms, such as lending networks where you need to deposit liquidity into an exchange account, are on par with custodial exchanges. They can prevent you from accessing your money at any time, just like Celsius Network did in June 2022.

    Celsius Network paused withdrawals in June 2022

    Last but not least, you might lose money even if you are not engaging in DeFi staking protocols due to the devaluation of the underlying cryptocurrency - as it happened with Luna.

    The bottom line is that when a DeFi platform gets under attack, the people who used its services and held its tokens may lose their money. At the same time, as a user you cannot control the security practices deployed by the platform.

    Your only security protection here is to mitigate the potential damages: DeFi is experimental, do not put in more money than you can afford to lose.

  2. Phishing

    Phishing attempts involve scammers who send email messages with fraudulent links, most commonly related to a crypto wallet update.

    The email appears to be from a legitimate source but if the user clicks on the link, it gives the scammer access to information in the user's computer that provides the user's blockchain wallet keys and entry into the blockchain.

    The most widely known example of phishing is the Ledger wallet phishing campaign that has been ongoing since Ledger’s customer database got breached in second half of 2020.

    Most crypto wallets these days will let you run any software updates from the wallet’s app. Your best precaution is to always do that and just plain never click any update link in emails.

  3. Cryptojacking

    Cryptojacking is an illicit takeover of computational resources to mine cryptocurrencies or perform other crypto-related tasks. Crypto-malware is malicious software that is installed on a user's device.

    Once the device is installed they will use the victim's computing power to mine cryptocurrencies secretly. Modern cryptojacking scripts are designed to pause when the victim’s phone wakes up and is being actively used, which means the victim will never notice anything.

    The software can be disguised in an email attachment that executes as soon as the user clicks on the attachment or link, so your best protection is to not click on unexpected attachments.

    Fun fact, crypto malware it can also be deployed to the computer in other ways too. So, for instance if you use your employers’ infrastructure to secretly mine crypto at work, you may be guilty of cryptojacking.

  4. 51% Attacks

    Proof of Work blockchains involve "mining" for new coins, typically using extremely powerful, application-specific computers.

    This is particularly true for large-scale public blockchains like Bitcoin and has caused much concern in the early days of it. (Some newer altcoins like Monero or Chia coin have made adjustments to remove the advantage of application-specific devices.)

    When a group of miners gathers enough resources, they can seize more than 50% of the mining power of the network and then control the ledger and, if they wish, modify it. The 51% attack can't work on a private blockchain but it can work on a public blockchain.

    There is nothing you can do to prevent this. Mitigating your risks is the only advice to give here.

  5. Sybil Attack

    "Sybil" refers to the title character in the book "Sybil" who was afflicted with a multiple personality disorder.

    In blockchain jargon, Sybil attack occurs when the hacker creates and uses a number of fraudulent network identities to subvert the service's reputation system.

    Bots and malicious entities simulate fake GPS reports which influences social navigation systems and clogs up the network. If the attack is successful it can bring the system down.

    Again, nothing you can do to prevent it. It is safe to say that smaller blockchains are more vulnerable to this attack than large, public networks like Bitcoin.

Checklist: Precautions to Take

There are nearly 600 custodial cryptocurrency exchanges worldwide and they have varying levels of security protocols.

AscendEX was hacked in December 2021 after a compromised crypto hot wallet was breached. About USD$80 million worth of cryptocurrencies was stolen, emphasizing the fact that just because an exchange is a blockchain, it doesn't mean that it's automatically immune from hacking.

When you choose a crypto exchange and as you work with it, security should be your primary consideration. Of course a lot of it depends on the exchange, but if you're using blockchain you still want to do as much as possible to protect yourself:

  1. Do your research so that you are interacting with a trading platform that utilizes advanced security features. The platform should give you the option of downloading a full report of the activities of your account quickly and easily based on any period of time.
  2. Don't click on any links in any emails that you don't recognize, regardless of how official it looks. Never provide any information to these emails or links, especially anything that would give them information that they would need to access your crypto wallet's private keys.
  3. Instal anti-crypto mining ad-blockers and extensions on your computers. Disable JavaScript to safeguard your computer from cryptojacking. Install antivirus software to protect you from malware attacks.
  4. Don't download applications that your trading platform doesn't control.
  5. Use a VPN to protect your personal information and mask your location.
  6. Use multi-factor authentication to provide additional security.

Latest Airdrops & Bounties (Updates Mo + Thu nights)

airdrop GloDAO Airdrop - Airdrop with a big referral bonus. There is a bunch of mi...
airdrop Galaxy Project Airdrop - Simple gleam form to follow 4 accounts, pays to everyone....
airdrop NEST (BSC) Airdrop - NEST Protocol is a decentralized price oracle network dep...
airdrop Chee Finance Airdrop - A Gleam form that pays $CHEE tokens for three simple soci...
bounty PAXO Finance Testnet Bounty - PAXO is a Polygon app that is doing a testnet run of its ...
bounty MEME airdrop - Phase II of the airdrop. The 2.75 billion $MEME airdrop i...
bounty X Meta Fans Bounty (BSC BEP20) - Long running marketing bounty with 75k USD pool. Facebook...
exchange promo Ledger 'Not Your Keys' promo - 20% discount code - NYKNYC
exchange promo Bitget Giveaway - live
exchange promo Stacked Waitlist $25 Gift - live
exchange promo BitMart Welcome Bonus (up to 3k USD) - 3 tasks
exchange promo Wombat Exchange DEX airdrops - to farmers

Disclosure: All products featured on AltcoinTrading.NET are independently chosen, but some of the links on this page are affiliate links. Read our full content disclosure to learn more.