There are several risks associated with cryptocurrencies.
Some of these risks are direct, while some are indirect.
Indirect risks are government regulations or some kind of ban on cryptocurrencies. Direct risks include carelessness with your private keys or using an un-tested wallet.
This article is focused on the latter risk- a direct risk. There is no point in discussing the former because governments will do whatever they want anyway.
One main direct risk is the wallet you choose to store your Bitcoin, Ethereum, etc. This decision matters a lot because this is where your coins exist. You wouldn’t want to put your paper money in a wallet with a big hole, right?
There are trade-offs, too. Some wallets have special features but may be less secure than others that don’t have those special features.
Example: If I decide to use a paper wallet to store my crypto funds, I can’t say, “Oh damn it! This wallet doesn’t have multi-sig functionality!”
In this article, we will be discussing some of the risks associated with using mobile wallets, desktop wallets, and web wallets. I am writing this to give a heads-up to lazy investors who don’t mind keeping their funds somewhere they shouldn’t (like on an exchange).
Risks Of Mobile Wallets/Desktop Wallets/Web Wallets
Mobile wallets are hot wallets that are always online.
Some mobile wallets provide the functionality of exporting private keys, which makes them even riskie
Suppose you have lost your mobile and have not set a PIN for your mobile wallet… This makes it easy for anybody to fetch your keys and liquidate your bitcoins/cryptocurrencies.
In a mobile wallet, your mobile device (or the app) actually stores your private keys. So if your software is buggy or can be cracked, then it can be exploited, and your private keys can be extracted. This has already happened, so be aware of this.
Another way through which you could lose your Bitcoins/cryptocurrencies is when someone has access to your mobile device and knows your mobile’s PIN.
Let’s suppose somebody in your office has noticed your PIN’s keystrokes, and you happen to leave your phone in the office by accident… Now, the attacker can simply use your PIN and send your coins to another public address that is in his/her control.
Web wallets like Coinbase are equally problematic. If you lose the mobile number which you are using or lose your phone, then you can lose all of your money in minutes.
With your lost phone number, the attacker can hack into Gmail and then into your Coinbase account through your lost number. You can read this and this for more on Coinbase hacks.
Your coins can be hijacked once your Google authentication has been taken over. Mind you, such things have happened and will happen again.
Desktop wallets make everyone think they’re safe, but that’s not always true.
If you use a desktop wallet that keeps your seed keys in an unencrypted form, you could also be attacked. (And yes, this has also happened before.)
Unencrypted hot wallets are another threat to your Bitcoin and altcoin holdings.
Also, while using any hot wallet (i.e., mobile/web/desktop wallet), your IP can be traced, and your data packets on the internet can be analyzed, leaving ample amounts of digital footprints to make you a target.
How To Keep Your Bitcoin/Altcoins Safe And Secure
Wait! This is not to scare you!
I am trying to make you aware of every possible scenario that could happen so that you don’t make any mistakes.
If you want to use these hot wallets (i.e., mobile/web/desktop wallets), do the following:
- Check if your wallet keeps your private keys in an encrypted form.
- Always keep a 2-factor authenticator ON.
- Be aware of your mobile number because that too can be hijacked, lost, or changed.
- Use a fingerprint authenticator on your mobile device.
- Use a strong password for your web wallet and/or desktop wallet.
- Always keep a contingency plan ready in case you get even a hint of being hacked.
But if you want to avoid any of these possible situations, then you should get a hardware wallet like the ones made by Ledger or Cobo Vault.
They don’t exist online and come with secure OTG cables to safely connect to your mobile device. Even if you lose this hardware wallet, no one can break into them.
So then, what’s the use of a software wallet (mobile/web/desktop)? Well, they’re very useful…
But we’ll save that for another article… 🙂
Until then, happy reading, learning, and sharing with the CoinSutra Cryptocurrency community!
Now I want to hear from you: Which wallets are you using? Which ones do you like the best? Do you have a question about Bitcoin/altcoin wallets and how to make them secure? Let us hear your thoughts/comments/questions/concerns in the comments below!
Here are a few hand-picked articles that you should read next:
6 thoughts on “Security Risks of Mobile, Web & Desktop Bitcoin Wallets [Must Know]”
Nice post-Harsh, I follow your posts regularly
Web wallets are the future. This scaremongering about web wallets is not contributing to mainstream adoption of blockchain technology.
With what substance do you make such bold conclusion?
@Cochise Ruhulessin this is just a wishful thinking
Do you know if I can get any of these hardware wallet like the ones made by Trezor and Ledger in Nigeria?
You can order the same Trezor or Ledger in Nigeria through their official website.