There is no universal solution for all occasions, but we will try to give advice that is always practically applicable. Here is basic recommendations for organizing the storage of cryptocurrencies and tokens.
Do not put all eggs in one basket
Distribute funds, especially those that you do not plan to use in the near future, keep it in a cold wallet. If necessary, there may be several cold wallets. For example, part of the funds will be in a hardware storage, part in a multi-signature wallet, part in the form of a private key in a cryptocontainer with a reliable password.
Use for Crypto a Specific computer
If you work with crypto assets that are several times more expensive than the cost of their storage facilities, select individual computers that will no longer be used for anything.
There should be no extra software installed on wallet computers — only proven software from the manufacturer.
You must be prepared for the fact that the most fault-proof system may not be available. You must have actual backups of all wallets. At the same time, they must be encrypted and sent to several places at once, e.g. to the cloud, to mail, a flash drive in a safe, an archive in a smartphone, etc. Choose a few options, better come up with your own, and use them. Make backups regular and stick to the schedule.
Strong Passwords and Encryption
Face the fact that your computer, phone, flash drive or access to your mailbox and other services may appear in the hands of attackers. In this case, it is necessary to prevent an attacker from gaining access to wallets. If all your devices are securely encrypted, and passwords are not like Qwerty123, at least you will gain time to transfer assets to other wallets, and at the maximum, obtaining devices and accesses will be useless for an attacker.
Set passwords to downloading and unlocking your smartphone. Computers should not have accounts without strong passwords. On web services, use two-factor authentication where possible. Set reliable and different passwords on all services and devices. It is advisable to change them to new ones at regular intervals.
Pay particular attention to software updates. Often, attackers use errors in the update algorithm or disguise the download of malicious software as updates. This has already been the case with some cryptocurrency wallets, for example, Electrum, when a message about the need for updates was displayed, and the trojan was loaded. Download only updates from official sites, and it is advisable to additionally check them.
Do not leave things unattended
Everything is clear about flash drives or a smartphone without a password. But in some cases, even a laptop can be hacked simply by inserting a device that looks like a flash drive into a USB port. But in reality it will be a hardware HID keyboard emulator and a set of exploits. So, after configuring all your devices, it is recommended that you prohibit the automatic installation of drivers and devices by activating the “Prohibit the installation of devices not described in other policy settings”.
What to do if a hack has already been detected?
- Disconnect the attacked computer from the network, check what is stolen, what is not.
- Transfer the remaining cryptocurrency and tokens to other wallets, if necessary, create them on a clean computer. To speed up the process, you can create temporary addresses in the most famous web wallets.
- Track where the coins went, maybe these are services like exchanges or online wallets. In this case, write to their support service urgently indicating the addresses, transaction hashes and other details. If possible, after sending the letter, call to voice the urgency of the situation.
- Change all passwords in a clean computer, even those that are not directly related to wallets. There was probably a keylogger that collected all the input information in the infected computer. New passwords must be reliable: long enough and not dictionary connected.
- Keep in backup all the necessary information from computers, smartphones and tablets, which you don’t want to lose. The backup should not contain files that are being compiled, or other files that could be infected. Encrypt backup. Make several copies of the backup in geographically dispersed places.
- Clear all flash drives, hard drives, reset the smartphone to the factory state and re-configure everything. If you plan to work in the future with very important information, or amounts that are much higher than the cost of the equipment, ideally it is worth changing the entire hardware.