Threats to cryptocurrencies

Losing money forever

Cryptocurrencies being digital assets create a concern of losing money forever. In November 2017, a curious Ethereum software developer became the sole owner of multisignature wallets accidently while fixing a security flaw in Ethereum code. Multisignature wallets are the wallets which require more than one users’ signatures to transfer funds. To fix the bug the developer deleted the code locking the multisignature wallets permanently causing loss of $300m. A hard fork is being considered to resolve the issue. A hard fork is an update in the version of protocol to fix any security flaws, adding new functionality or reversing transactions. A hard fork makes previous valid blocks or transactions invalid or vice versa. After a hard fork has been implemented all the nodes need to update the software, nodes running old software protocol are not accepted.

How cryptocurrencies are stolen and ways to avoid it

There are number of stories of cryptocurrencies being hacked which causes a security concern to its users. For instance, in December 2017, a Bitcoin mining service NiceHash was hacked resulting $62m loss. However, the cryptocurrencies are very secure to use. The reason of these hacks are human negligibility and ignorance not many people knowing how cryptocurrencies are used. As discussed earlier the cryptocurrencies rely on public and private keys and it is almost impossible for a hacker to hack someone’s private key of their digital wallet.
There are two ways of buying cryptocurrencies

1. Making a wallet where private key is protected by the owner.
2. Creating an account with a third party like CoinBase. The third party takes care of private key and owner takes care of their login details only.

Stealing account password

The only way a wallet can be hacked is that the hacker tricks the wallet owner to reveal their login details or breaks into owner’s email account, resets account password and impersonates to the third party as the owner of the account.
--> This can be avoided by enabling the two-factor authentication.

Private key is revealed by owner

An owner reveals their private key. In a famous example, somebody showed their private key on TV and lost all their money because a hacker saw the key and emptied the wallet immediately. --> It can be avoided by never disclosing private key to anyone, keeping the key written on a paper and kept safe offline.

Hacker impersonates as a company

Hacker will make fake websites of legitimate companies and ask people to transfer funds which are sent to hacker wallet. Once the money has been transferred, it cannot be recovered.
--> This can be avoided by checking the wallet address before transferring funds.

Relying on an insecure third party

A wallet should be opened only with a trusted service. If trusted third party is not secure like NiceHash, money is never safe.

The Exit Scam

This is a scam where a company provides services of trade or exchange and vanishes with all the user’s funds or pretends to be hacked. In reality, the owners of the company do exit scam and vanish with people’s money.
--> To avoid this as mentioned above a wallet should be created only with a trusted company.
In essence, it is unfair to blame cryptocurrencies for these hacks. Cryptocurrencies are quite safe to use if user knows how to manage their digital money.

---