Recently, I have seen many players’ wallets being stolen. Some of them are old players, but they have not escaped the risk of theft. It is hard to guard against it.
A few days ago, an old player of Xueqiu who had 73k Twitter followers had 50 wallets stolen, with direct losses of 300,000 to 400,000 yuan.
From the information he shared, it seems that the private key stored locally on the computer was “scraped away”, and the assets on all chains in the wallet were reset to zero, including BRC20. The TOKEN and NFT assets in the wallet were all transferred away.
Even if you save the wallet mnemonic locally, if your computer is infected, the information will be stolen, resulting in the loss of assets.
Every time you use the wallet image to conveniently copy and paste, and save it anywhere, it may bring unpredictable risks.
There was also a player who participated in the airdrop, and his wallet was also stolen.
If the NFT in the interactive wallet is stolen, the assets of the entire chain will be stolen, and the airdrop income of the future wallet may also be transferred away by hackers in the first place.
The wallets that receive airdrops frequently interact with various protocols in different ecosystems. It is not known whether there is a problem with one of the protocols, or the mnemonic phrase has been leaked, or a certain plug-in has been installed. In short, the more interactions there are, the greater the risk to the wallet.
On the blockchain, once you are targeted by hackers, you will almost enter a dark forest. You don’t know which interactions are risky, and returning to zero is inevitable.
A big shot in blockchain security said that when using a wallet, you must pay attention to private keys and signatures.
Where is the private key stored? Is it absolutely isolated? Once leaked, the wallet is no longer yours.
Do not save the private key in a computer notepad, nor save it as a picture or screenshot; do not save it in an email, favorites or other networked environment; and do not copy it. If you are lazy and copy the private key or mnemonic phrase, it may be convenient for a while, but it also poses a security risk.
Signature sign is the authorization when logging in. Pay attention to which permissions are granted when signing.
If a protocol requests excessive wallet permissions, it can not only view wallet assets but also transfer wallet assets. Excessive interaction or authorization will bring the risk of theft.
Some phishing websites or risky protocols steal wallet assets through the authorization when logging into the wallet. Once authorized, the wallet will be stolen.
In addition, when downloading or installing a wallet, be sure to download it from the official website. The link obtained through search or private message from others may not be accurate, so be sure to confirm it twice.
There are too many phishing websites nowadays, and if you download a fake wallet, everything will be gone.
Another thing to note is that wallets that store large amounts of assets must not interact. They should only store assets, without interacting or connecting to various dapps. Reducing interactions also reduces risks.
On the blockchain, only when you have the private key and mnemonic phrase, your wallet belongs to you.
On-chain wallets may be stolen, and assets stored in exchanges may be stolen; if you want to gain something in the crypto market, there is still a certain threshold.
If you keep chasing the ups and downs, you will most likely lose money; if you participate in a new project, it is likely that the project will run away and your investment will go to waste;
The contract went back to zero and the spot NFT was cut in half again and again; those that were not lost in the turmoil might have been contributed to hackers and stolen.
If you want to gain something in the crypto market, you need to improve your knowledge; what you earn by luck, you will definitely lose by strength.
Digital wallets are the basic entrance to blockchain. Only by mastering the use of wallets can you explore web3.
Although there are various problems in the use of wallets, you still need to learn more about wallets and keep your assets safe. There is too much uncertainty in entrusting a third-party platform.
Recently, the BTC price has returned to 30k. Although it has fluctuated slightly, it seems that 30k has stabilized. It is still a bear market, and the floor prices of blue-chip NFTs Boring Ape and Azuki have hit new lows.
The market liquidity is too poor, hacker activities are frequent, and the risk of project running away is increasing. We must increase our risk awareness and keep going. Don't start from scratch, there will always be next chance.
The above is just my personal opinion, no investment advice. I am Chu Xiaolian, I am following web3 and the crypto world.