One of the most famous recent incidents was the attack on the bitcoin exchange, Bitstamp. On this occasion, 19,000 BTC were stolen after the virtual wallets belonging to the exchange were compromised. The equivalent value of the resulting loss amounted to an astonishing USD 5 million. So, how can you protect yourself? You need to protect both your identity and your wallets from potential digital theft.
Use a versatile Bitcoin client
For the purpose of privacy, and to hide your IP address, you can use a Bitcoin client that allows you to change to a new address with each transaction.
Protect your identity
Be careful when sharing information about your transactions in public spaces like the web, so as to avoid revealing your identity together with your Bitcoin address.
Use an “escrow service”
When you need to buy or sell something and you aren’t sure who is on the other side, you can use an “escrow service.” In these cases, the person who needs to make the payment sends their bitcoins to the escrow service while they wait to receive the item they are buying.
Make a backup of your virtual wallet
With regard to physical storage, as with any critically important backup policy, it is recommended to make frequent updates, use different media and locations, and keep them encrypted.
Encrypt your wallet
Encrypting your wallet is crucial, especially when it is stored online. As you might expect, the use of a strong password is equally essential. With this in mind, you can use tools like DESlock+ to encrypt files that contain any sensitive information. Even better is to encrypt the entire system or user space where these files are located.
Don’t forget about two factor authentication
When using online storage services, it is recommended to use two factor authentication and whenever possible, online services that support the use of hardware wallets.
Avoid using wallets on mobile devices
You should avoid using mobile devices, especially in the case of large sums of money, as they can be lost and/or compromised. In these cases, it is actually better to keep the wallet on equipment that is not connected to the Internet.
Consider using multi-signature addresses
For corporate transactions, or any transactions that require a high level of security, it is possible to use multi-signature addresses, which involve the use of more than one key, the keys usually being stored on separate equipment in the possession of the authorized staff. This way, an attacker will need to compromise all the equipment on which the keys are stored in order to be able to steal the bitcoins, making their task more difficult.
Update your systems regularly
Naturally, any application can have faults, so it is essential to constantly update your Bitcoin clients and your operating system, as well as other products that run on it. Virtual wallets can be affected by any kind of malware that might be hosted on the hardware, so it is recommended to have a properly updated security solution to run full scans on a regular basis.
Get rid of a virtual wallet if you aren’t using it
Lastly, getting rid of a virtual wallet when it is no longer needed requires a careful process to check that it has really been completely destroyed. On Linux systems, you can use the shred command for this purpose, which overwrites the wallet file with random data before deleting it.
Now you know how to protect yourself…
Although it is impossible to guarantee total protection of our assets from digital theft, this shouldn’t stop us from enjoying the use of the technology. So long as we make sure to take the necessary precautions, there’s no reason not to take advantage of the benefits offered by cryptocurrencies as they make inroads into our economy.
by Denise Giusto Bilić, ESET We Live Security