A Redditor thought he had done all to secure his crypto wallet until it was completely wiped out two days ago. The Reddit user has become another example of why digital asset holders should be more cautious when using paper wallets.
The Redditor further mentioned that he had used a controversial wallet creation software to create his crypto wallet’s private keys, which has been known to have some security issues.
Crypto Users Beware
On July 24, a Reddit user, r/jdmcnair, announced on the r/Bitcoin Subreddit, seeking clarification on how a cryptojacker could have looted his Bitcoin (BTC) worth more than $3,000 from his paper wallet.
The Redditor claimed his paper wallet was secure and generated on an offline computer. The user wrote that he thought he was safeguarding the asset in one of the most secure ways possible.
In addition to the previous post, the Redditor explained that he had generated his wallet’s private keys using the walletgenerator.net wallet creation tool.
But according to some other users, this tool is known for having some vulnerabilities previously.
Certik’s Director of Security Operations on the Use of Crypto Wallet Generator
In an online news site interview, Cointelegraph, Hugh Brooks, director of security operations at blockchain security company Certik, explained that users should be more cautious about using a crypto wallet generator.
According to Brooks, these online wallet generators have been a sure hacking tool for some time. He added that some such wallet generators could be real scams. For instance, the site the user posted on his Subreddit reveals an IP address in Russia.
Also, Brooks noted that when going through a tool like Criminal IP, the walletgenerator.net IP address has been related to many abuse reports submitted against it.
Paper crypto wallet generators have been infamous for comprising several severe vulnerabilities since 2019. Brooks further mentioned that it’s very likely that anyone using the walletgenerator.net will be given the same private keys offered to many other users.
An example of such an exploit is the Profanity wallet generator, which resulted in a $160 million hack on Wintermute, an algorithmic market maker, in September last year.
Brooks offered a simple solution: users desiring to use a secure crypto wallet should go for wallets like Trezor and Ledger.
The Reddit user was confused as to why the cryptojacker waited more than 12 months to steal the funds, prompting another user to give a possible answer.
The user explained that the exploiters wait for sufficient noobs to be convinced that they generated secure private keys, wait for them to store some notable amounts of assets, and then clean up all the funds one day.
>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : TechReport – https://techreport.com/crypto-news/reddit-users-hacked-bitcoin-further-buttresses-the-hidden-dangers-of-crypto-paper-wallets/