The growing popularity of cryptocurrency users worldwide has drawn the attention from malefactors, hence increasing the number and variety of potential cyberattacks. It is important for a crypto wallet user to have at least a basic understanding of the threats and ways to prevent them from occurring.
The team at Atomic Wallet is deeply committed to implementing significant measures to diminish the possibility of such breaches, thus safeguarding the security and maintaining the integrity of our users' assets and transactions.
In this article, we’ll delve into how Atomic Wallet safeguards against various threats, including viruses/keyloggers, malware code injection, Man in the Middle attacks, DDoS attacks, and domain hijacking.
Table of contents:
Cryptocurrency Wallet TypesPossible security threats for crypto walletsViruses and KeyloggersMalware code injectionRansomware attacksDNS hijackingDDOS attacksMan-in-the-middle attackGeneral wallet security recommendations
Cryptocurrency Wallet Types
Before diving into the details of Atomic Wallets’ security arrangements, let us first look at what kind of wallets and services exist to get a better idea of how security is managed in the industry.
There are two main types of crypto wallets depending on which party holds the private keys: custodial wallets & non-custodial wallets.
Custodial wallets
Custodial wallets function similar to banks. They keep your funds and require you to set up an account, which will often include providing your personal information. Custodial wallets are also subject to financial regulators and will often have KYC and AML procedures in place. They are mostly used by centralized exchanges.
Custodial wallets are overall a more convenient option for a user, since they usually have lower fees, are easy to use, and can restore a user's account if the password was lost. On the flipside, the custodian has access to all of your funds and can freeze your account, preventing you from making transactions. This can happen if the platform suspects you of any fraudulent activity even for political reasons.
Non-custodial wallets
Non-custodial wallets give users full control and responsibility over their funds. In these wallets, the keys are generated, stored, and encrypted locally on the user’s device. There are two main types of non-custodial wallets: software and hardware wallets. The key difference is that a hardware wallet is a completely separate physical device that stores your keys, whereas software wallets are installed on a desktop or a mobile device and store your keys there. Hardware wallets are considered to be safer, but software wallets are easier to use.
Non-custodial wallets are anonymous and you don’t need to provide any information to set up a wallet. With these wallets, no one has access to your funds but you. There is no possible way for anyone to freeze your account or prevent you from transferring the funds, as well as recover your funds if you lost access to them. It is your responsibility to keep your funds safe.
Atomic wallet is a non-custodial software wallet. This means that your private keys are generated and never leave your local device. Your funds are safe on the blockchain, and as a software development company, Atomic has no access to your funds.
The funds stored on the blockchain are accessible via any other similar wallet app with 12 words backup or private keys. This is why you need to keep your private keys safe.
Possible security threats for crypto wallets
The most common ways to compromise crypto wallets are achived by using viruses/keyloggers, malware code injection, Man in the Middle attacks, DDoS attacks, and domain hijacking.
Now let’s take a closer look at different security threats that crypto wallets have to battle and examine how Atomic Wallet deals with these threats.
Viruses and Keyloggers
Viruses and keyloggers in particular, pose a significant threat to crypto wallets.
Keyloggers represent a category of malicious software that records keystrokes, focusing on capturing sensitive information such as passwords or private keys.
A keylogger is believed to be the culprit behind the LocalBitcoins hack back in 2015.
Atomic’s response to keylogger threat
- Firstly, Atomic wallet integrates a built-in feature of secure offline seed phrase generation. This means that the private keys are not exposed to the Internet during creation, hence minimizing the risk of keyloggers capturing sensitive information.
- Additionally, the wallet employs encryption to safeguard the stored data, ensuring the information remains unreadable and unusable even if a keylogger infiltrates the system.
- However, in case of using clipboard to copy-paste 12 words or private keys, you always have to make sure your local device is not infected by any malware. We suggest using anti viruses. As well keep your backup offline.
Malware code injection
Within cryptocurrency wallets, the term 'malware code injection' is typically used to denote the illicit insertion of harmful code into the wallet's software or related web pages. This injected code can potentially facilitate malefactors in commandeering the wallet, illicitly acquiring private keys or confidential data, or even surreptitiously manipulating transactions to divert funds into their personal accounts.
To protect itself from malware code injection, Atomic Wallet takes several measures:
- Each build goes through a verification process before it is released into production.
A separate security team thoroughly examines the build process, ensuring no signs of malware code injection or other security vulnerabilities. This additional scrutiny layer helps identify and address any potential risks before the software reaches end-users.
- Сareful management of third-party libraries and dependencies.
By ensuring that all third-party libraries used in the wallet are from trusted sources and regularly updating them with the latest security patches, Atomic Wallet mitigates the risk of malware code injection through compromised or vulnerable libraries.
- Regular security audits by reputable security firms.
These audits comprehensively review the wallet's codebase, architecture, and security practices. Subjecting the wallet to external scrutiny helps identify weaknesses or areas for improvement to enhance its overall security stance and protect against malware code injection and other security threats.
Ransomware attacks
Ransom attacks attempt to encrypt or seize control of a user's device and demand a ransom to restore access. Ransomware attacks can be extremely harmful, as an example, 725 BTC were sent to attackers of the infamous Conti ring.
Ransomware prevention mechanisms
- Atomic Wallet utilizes multi-layered security infrastructure to protect itself from ransom attacks, including encrypted data storage and secure communication channels. It helps safeguard users' devices and data from such attacks, providing an additional layer of protection for users and their funds.
- Besides, the wallet is designed so that the user can always access their funds from any device using their seed phrase or private keys, rendering ransom attacks pointless.
DNS hijacking
DNS hijacking can redirect users to fake wallet websites, where they may unknowingly enter their sensitive information, enabling the attackers to steal their funds. One of the most infamous examples of DNS hijacking is MyEtherWallet DNS hack.
Ways to prevent from DNS Hijacking
- To protect itself from DNS hijacking, Atomic Wallet utilizes Cloudflare DNS.
Cloudflare DNS is widely recognized as one of the most secure DNS services available. By leveraging Cloudflare DNS, Atomic Wallet strengthens the security of its domain and prevents potential tampering or exploitation of the domain records.
- In addition to that, Atomic Wallet relies on MarkMonitor Professional Domain Host.
Mark Monitor is a trusted service used by some of the most visited websites globally, including YouTube and Amazon. This helps ensure the reliability and security of the wallet's domain, minimizing the risk of unauthorized access or tampering.
DDOS attacks
DDoS attacks overwhelm a server with a flood of traffic to disrupt its normal functioning. For example, in 2021, a UK crypto exchange EXMO went offline for almost 5 hours due to a DDoS attack.
Atomic Wallet employs several measures to protect itself against DDoS attacks
- One of the key tools utilized are load balancers.
Load balancers distribute incoming network traffic across multiple servers to ensure optimal resource allocation and prevent any single server from being overwhelmed. By distributing the load evenly, load balancers help maintain a stable and uninterrupted service even during high-traffic periods or when facing DDoS attacks. They can dynamically scale resources, redirect traffic, and filter out potentially malicious requests, effectively mitigating the impact of DDoS attacks.
- Advanced traffic filtering systems and firewalls.
These systems monitor incoming traffic, analyze patterns, and distinguish between legitimate and malicious requests. They are designed to detect and block suspicious traffic, such as that generated by DDoS attacks, ensuring that only legitimate users can access the wallet services. These traffic filtering systems and firewalls are regularly updated with the latest threat intelligence to enhance their effectiveness in detecting and mitigating emerging DDoS attack vectors.
- Robust caching system.
By caching frequently accessed data and serving it from cache, rather than fetching it directly from the database or backend services, the load on the infrastructure is reduced. This helps to mitigate the impact of DDoS attacks by minimizing the strain on resources and ensuring smooth operation even under high traffic conditions. The caching system also allows for faster response times, enhancing the overall user experience while deterring potential attackers from causing disruptions.
Man-in-the-middle attack
Man in the Middle (MITM) attacks involve intercepting and potentially altering communication between two parties without their knowledge to compromise the system from within. You can learn more how North Korean hackers utilized this method of attack to steal $620m from Axie Infinity via a fake job offer.
One of the key methods Atomic Wallet employs for protection against MITM attacks is ensuring that critical information, such as wallet updates, is located in the so-called Demilitarized Zone (DMZ).
DMZ is a perimeter network that provides an additional layer of security to a company's internal local-area network, safeguarding it from potentially harmful external traffic. This approach makes it more difficult for potential attackers to gain any unauthorized access.
General wallet security recommendations
It is worth noting that while Atomic Wallet takes proactive measures to protect against multitude of different attacks, it is still a non-custodial wallet, and users should follow some basic security rules:
- Always make sure you use the most recent version of the app. You can always download the latest version of the app from the official AtomicWallet.io website
- Keep your seed phrase in a safe place offline, preferably on a physical device
- Create a unique password for your Atomic Wallet account and avoid using it anywhere else
- Don’t enter your 12 words backup or private keys to any online services or web forms. Never share them with anyone. Atomic wallet support team will never ask for private keys!
Atomic Wallet is dedicated to providing users with a robust non-custodial platform for managing digital assets.
Through continuous efforts to enhance security, including regular security audits, careful management of third-party libraries, and verification of builds, Atomic Wallet maintains a robust infrastructure that protects against various security vulnerabilities and potential data breaches.
