After a string of heists crippled Bitcoin exchanges like Mt.Gox and Silk Road, many Bitcoin users are terrified that their Bitcoin wallets aren’t secure. If you want to continue to use Bitcoin, we have some quick tips for avoiding malicious Bitcoin malware and keeping your Bitcoin wallet safe from hackers.
1. Switch to a ‘Split’ Wallet
Forbes reports that there are over 150 different types of Bitcoin-theiving malware out there. The safest thing you can do with your Bitcoin stash is switch to a “split” wallet. Forbes explains how that works:
“…researchers advised that Bitcoin holders use a so-called ‘split’ wallet, where the necessary keys to spend the majority of a user’s coins are kept on a separate computer that’s not connected to the Internet.
To move those coins, the user generates a transaction on their everyday-use machine, carries it via USB stick over to their secure machine where it’s cryptographically signed with the private key, and then brings the signed transaction back to the online machine where it’s broadcast to the Bitcoin network.
The process may be more time consuming, but it’s far safer from Bitcoin-stealing malware. And SecureWorks points to new ‘hardware wallets’ like the Trezor wallet scheduled to become available sometime in the next month, which are designed to make that more secure process much more convenient.”
2. Don’t Rely on Anti-Virus Software to Detect Bitcoin-Stealing Malware
Cyberoam, a Sophos company, has an interesting blog post that sheds light on a little-known issue. Not all anti-virus software can detect Bitcoin-stealing malware. The blog post notes that one common bit of Bitcoin malware could only be detected by 8 out of 37 antivirus testers.
Computerworld adds that some Bitcoin malware is disguised as a Bitcoin price tracker.
The bottom line: your run-of-the-mill anti-virus software probably isn’t sophisticated enough to protect you from Bitcoin-stealing malware.
3. Diversify Your Cryptocurrency Portfolio
Forbes notes that Bitcoin is by far the most stolen type of cryptocurrency. Forbes explains:
“For now, other cryptocurrencies aren’t targeted nearly as often as Bitcoin…Only 9% of the malware sought to steal Litecoin in addition to Bitcoin, for instance, and more obscure cryptocurrencies like Dogecoin, Freicoin and Anoncoin were stolen by less than 1% of the malware.”
Given the recent price hit Bitcoin has taken, some users might want to exchange their Bitcoin for other cryptocurrencies that are less appealing to thieves.
4. Use a Mixing Service
Bitcoin: Because your financial security should fully depend on a Magic: The Gathering server.
— Funny Or Die (@funnyordie) February 25, 2014
Even if you split your wallets into wallets for saving and wallets for spending, a savvy hacker can work out the relationship between the two wallets and follow the money to its source. Many Bitcoin experts say that the best way to prevent hackers from making the connection from your Bitcoin “checking” and “savings” accounts is to use a “mixing service.”
These are sometimes called “Bitcoin laundries,” and they are a somewhat debated topic in the Bitcoin community. Forbes sums up how they work fairly succinctly:
“The emergence of services that mingle bitcoin for the purpose of returning bitcoin not associated with the original input address has had a somewhat spotty history. Also called bitcoin laundries, these web-based services charge bitcoin holders a nominal fee to receive different bitcoins than the ones initially transferred. The sites never handle national currencies like the dollar or euro so technically they are not exchanges. Also, the administrator of the service has to be trusted to delete any archival logs and not to run off with the coins.
The largest such service operating today is the Blockchain.info mixing service which has a maximum transaction size of 250 bitcoins and a 0.5% transaction fee. Transaction logs are removed after eight hours and customers can use the taint analysis tool to verify that coins were properly mixed. Other services include BitLaundry and The Bitcoin Laundry operated by Mike Gogulski.”
5. Use Paper to Store Your Bitcoins, Not Computers
This article sums up why I find cryptocurrency so fascinating. "Bitcoin security model: trust by computation" http://t.co/YPZvdLBuMK
— John Lester (@Pathfinder) February 21, 2014
Coindesk has an interesting article about how to store Bitcoins. They make a compelling argument for using paper and going offline to store your Bitcoin stash.
“Bitcoin wallets store the private keys that you need to access a bitcoin address and spend your funds. They come in different forms, designed for different types of device. You can even use paper storage to avoid having them on a computer at all…
Well, to be absolutely accurate, you don’t technically store bitcoins anywhere. What you store are the secure digital keys used to access your public bitcoin addresses and sign transactions. This information is stored in a bitcoin wallet…
There are several sites offering paper bitcoin wallet services. They will generate a bitcoin address for you and create an image containing two QR codes: one is the public address that you can use to receive bitcoins; the other is the private key, which you can use to spend bitcoins stored at that address.”