Hello Everyone,
Lately, it seems many people are getting their wallets hacked lately, please follow these simples rules to avoid getting hacked.
-
NEVER SHARE YOUR SEED PHRASE.
-
The next best is NEVER CLICK A LINK THAT SOMEONE DMs YOU.
-
Third, use a good antivirus, such as McAfee, AVG, etc. to protect the physical computer. Good hygiene is to use one at all times.
-
Avoid fishy DeFi websites and exchanges.
-
Avoid unsafe smart contracts.
-
Install Phisfort on your browser.
The main reasons you might be hacked are:
-
Attackers get access to your private keys via malware or phishing.
-
The keys are encrypted by the password, but an attacker can brute force the password easily unless it’s a very strong password. Of course, an attacker can also get your password through malware or phishing.
-
An attacker that has your unencrypted private keys has full access to your funds.
-
Your public address is technically safe to share, but doing so may create privacy issues and make you a target for scammers. This also means that, if you interact with your wallet on a website or with a contract that a scammer controls, you are giving the scammer data that may make you a target.
-
The mnemonic phrase is a human-friendly presentation of your private key. It should be stored safely offline. The mnemonic phrase (or private key) can be used to recover your wallet, but only do this if you are 100% sure you don’t expose it while doing so.
-
Do not use your wallet for more than what you consider pocket money. For larger amounts use a hardware wallet. It might be better to keep your funds on a reputable exchange than it is storing your keys on a potentially unsafe device, but of course exchanges (and your account on the exchange) can be hacked too.
-
Note that not all smart contracts are safe to use, and even if the contract is safe, the website that you use to interact with it does not have to be safe. Just because it’s a smart contract on a blockchain, does not mean it’s also decentralized and safe to use.
In order to safely participate in DeFi, at the least the blockchain has to be decentralized, the smart contract has to be safe (preferably audited, although that’s no guarantee it’s safe), and the website that is used to interact with the contract has to be safe.
In case you already have been hacked, what you need to do:
1 - Report to the IC3 if you are in the US (action fraud if you are based in the UK).
2 - Seek legal assistance. The best crypto solicitors out there are
-
Crypto Legal: info@cryptolegal.uk
-
Silver Miller Law: dsilver@silvermillerlaw.com
-
Roche Fredman: robert.fredman at dechert dot com
Solicitors are the ONLY people that can actually freeze the stolen assets and retrieve them, don’t hire white hat hackers, “crypto recovery” companies, or anyone else that says that they can recover your stolen assets, you will definitely get scammed!
3 - Report the theft to the wallet provider, it’s highly unlikely that they would help with anything, but law enforcement and solicitors might need this fraud report at a later stage.
4 - Stay calm, stay cool, it’s just money, if you have any kind of suicidal thoughts you can call the suicidal prevention lifeline (24/7):
US: 1-800-273-8255
UK: 116 123