/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow Us/dq/media/media_files/6gCYjyTkMsF6n0wzq4PI.png)
Digital Assets
Despite market volatility, the adoption of crypto wallets has surged as new investors flock to cryptocurrencies, NFTs, and tokens. Unfortunately, this growth has also been accompanied by increased fraud and attacks on crypto wallet apps.
Crypto wallets are typically categorized into two types: hot wallets, which are online and offer more convenience but are potentially less secure, and cold wallets, which are offline and provide greater security but are less convenient. Consider the vulnerabilities particularly associated with hot wallets. Imagine a scenario where a user unknowingly downloads a Trojan malware app onto their device, such as the Android Trojan 'Sharkbot,' this malware can exploit the internet-connected nature of hot wallets to steal significant Bitcoin amounts—up to USD 600,000. It performs unauthorized transfers from crypto and banking apps on compromised devices, bypassing verification systems—a risk significantly reduced in offline cold wallets.
According to a Chainalysis report, the number of hacking incidents grew from 219 in 2022 to 231 in 2023, indicating a persistent and evolving threat environment. India, notably, has become a significant player in the crypto market, leading in grassroots adaptation and ranking as the second-largest crypto market by transaction volume, with transactions exceeding $260 billion. This burgeoning market makes securing crypto wallets more critical than ever.
Particularly concerning is that cyber threats are constantly growing in sophistication, Awareness is critical and organizations need to keep an eye out for these five attacks:
Stealing Locally Stored Passphrases or Private Keys
Regardless of wallet type, passphrases or keys must be used for transactions, making them vulnerable to malware on connected devices. Unencrypted data in memory, application sandboxes, SD cards, preference areas, or clipboards can be easily harvested. Implementing data-at-rest encryption is a fundamental step in protecting this locally stored data.
Harvesting Passphrases or Private Keys During Entry
Passphrases and keys can be stolen when users enter them into the crypto wallet app through methods like over-the-shoulder attacks, keylogging malware, or overlay attacks. Keylogging malware captures keystrokes digitally, while overlay attacks trick users into entering information into a malicious interface. Additionally, screen sharing, screenshots, or screen recording can expose confidential information. To combat these threats, developers should ensure robust input protection and implement measures to prevent screen sharing and recording of confidential information.
Dynamic Attacks Against Crypto Wallet Apps
The integrity of the platform running the crypto wallet app is crucial due to the transactional dependency between the mobile client and the blockchain. Jailbreaking, rooting, and tools like Liberty Lite and Magisk can be used with malware to interfere with app-blockchain communications. Preventing the app from running on jailbroken or rooted devices, blocking dynamic hacking tools, and employing comprehensive code obfuscation can significantly enhance security.
Man-in-the-Middle (MitM) Attacks
Both centralized exchanges and decentralized exchanges (dApps) are vulnerable to MitM attacks, TCP Reset attacks, and trojan attacks. The data-in-transit used by crypto apps is critical, including transactions, amounts, and passphrases. Enforcing SSL/TLS for all communications, setting minimum TLS versions, and enforcing cipher suites are critical measures. Developers should consider holistic MiTM defenses to safeguard against malicious dApps attempting to establish insecure connections with legitimate crypto wallet apps.
Protecting SDKs in Crypto Wallets
To address these diverse threats effectively, implementing comprehensive security measures is vital. By integrating SDKProtect, developers can enhance the security of their apps through features such as tampering detection, anti-debugging, and runtime protection. These measures provide a robust defense against various attack vectors, helping safeguard crypto wallets from emerging threats.
The increasing adoption of crypto wallets brings with it a heightened risk of cyber attacks. Understanding the top attack vectors and implementing effective security measures is crucial for protecting digital assets. By leveraging advanced solutions like SDKProtect and adhering to best practices in app development, crypto wallet developers can enhance the security of their apps, providing users with a safer and more reliable experience.
Authored by Jan Sysmans, Mobile App Security Evangelist, Appdome