HODLing at home? This way you reduce the risks of theft and robberies

Last week it turned out that a man in Leeuwarden was the victim of a brutal home robbery. The perpetrators were after his wallets and mistreated the man until he revealed them. Undoubtedly a nightmare scenario and cause for concern for many bitcoiners. That is why we offer a number of tips on how to protect yourself against these types of attacks.

Bitcoins are digital and therefore it is obvious that a lot of attention is paid to protecting against digital risks such as hackers or viruses. Fortunately, a hardware wallet offers protection against such high-tech threats in many cases.

Other and more low-tech threats often receive less attention. Think of the loss of wallets and seed phrase backups due to water or fire damage. Or, as in Leeuwarden, as a result of the infamous ‘$5 dollar wrench attack’ .

$5 dollar wrench attack

The $5 dollar wrench attack takes its name from the fact that you can go very far in digitally securing your wallets, but that protection can sometimes be completely circumvented by simply working a victim with a cheap tool until he or she has the wallets. That is roughly what happened in Leeuwarden.

Above: XKCD

A harrowing drama, whichever way you look at it. However, there are ways to protect yourself against these types of attacks as well. Below we give a number of safety tips that you can use for this.

 

Privacy

The best way to protect yourself is to avoid becoming a target. Therefore, tell as few people as possible that you own bitcoin.

Also, never tell how much bitcoin you have. After all, if you keep thousands of euros in an old sock at home, you won’t tell everyone. Maybe your assets aren’t worth that much now and you don’t think the risk is that great, but consider if the price might be much higher in a few years. Once you’ve told how much you have, you can’t undo it in the future.

Preferably do not say when you bought, because then people will also know roughly what price you paid. After all, with a little bit of inside information about you and an indication of your purchase price, an estimate can be made about how much you may have. Those estimates are often too high; it is easy to think of bitcoiners that they are rich.

Spread risk

Don’t put all your eggs in one basket. Consider spreading your bitcoins across several wallets and keep the backups in different places so that you don’t lose everything at once in case of loss.

However, do not go too far (!) , because the more wallets and backups you hide, the more complicated it is for yourself to properly secure and remember everything. The risk of loss due to user error is in many cases still far greater than the risk of a physical attack. Therefore, find the right balance.

Decoy walllets & passphrases

Some bitcoiners keep a smaller amount on a wallet that serves as a decoy wallet. In the event of a robbery, you can give it away. If the amount is convincing enough, the perpetrators may be satisfied with it and will not look any further for a possible other wallet. Make sure it looks like a normal wallet and don’t put too little in it, no matter how unfortunate it is if you lose it. Your own safety and health are still worth more.

Various hardware wallets offer the possibility to link hidden extra wallets to your seed phrase using ‘passphrases’. In addition, you add an extra self-chosen word to your seed phrase , with which you approach a completely different wallet. It is not visible to attackers whether you use such an extra wallet.

You can use them with the decoy wallet strategy above. For example, you fill the standard wallet with a smaller amount and you store a larger amount in a secret wallet that is invisible to outsiders. Sometimes you can also create multiple secret wallets, which makes it completely difficult for attackers to know whether there is more loot to be gained.

Multisig

If you are unable to move the funds, a malicious person cannot force you to do so. Many companies and wealthy bitcoiners therefore use multisig solutions to secure their bitcoins. Normally, one bitcoin wallet signs to send bitcoins from a bitcoin address, but multisig requires multiple signatures. A bit like a safe that can only be opened with two or more keys. As a result, a malicious party cannot simply force a potential victim to reveal the funds, because the signature of others is also required.

A well-known example is the 2-of-3 multisig strategy. In addition, there are three sets of private keys and funds can only be sent if signed with at least two of the three. None of the three provides access by itself, and if one of the three falls prey, there are still two other sets of private keys that provide full access.

Multisig contracts can be made as large and complicated as you want. You choose how many sets of private keys there are and how many signatures are required. For example, you can also create a 3-of-5 multisig address, or if necessary a 10-of-20.

Your funds are thus quite well protected, but you may introduce additional risk for yourself. After all, it may take some time before malicious parties actually believe that you are unable to disclose the funds. Therefore, consider keeping a document in which you explain the strategy, so that you can show any malicious parties that you are not making up an excuse on the spot.

*Tip: Bitcoin company Casa specializes in ready-made multisig solutions to protect your funds against theft and robberies. Have a look at their website.

Location

If you don’t keep your seed phrase at home, an attacker carrying out a home robbery has a problem. It makes a successful attack considerably more risky because attackers spend more time and have to move around, increasing the chance that they will be visible on camera images or leave other traces.

A notary or a safe deposit box at the bank may be suitable storage locations. The further the location is from your home, the more difficult it is for the attackers.

If you keep your seed phrase in such a place, consider that a staff member could theoretically open your locker. Maybe that’s why it’s good to ‘cut’ your seed phrase into several parts and keep the parts in different places. This provides an extra layer of security. It is best not to do this yourself, because a smart attacker can find out the rest based on one part of a seed phrase. Therefore, preferably use something like Shamir’s Secret.

Timelocks

You can ensure that your bitcoin wallet is only accessible at certain times. A malicious person who comes at the wrong time then misses the net.

For technical users, Bitcoin offers the option of timelocks . You deposit the funds to a bitcoin address, which is limited via a smart contract in such a way that the bitcoins can only be sent if the conditions are met. Such a condition may be that the bitcoins can only be sent between block X and block Y, but not beyond that. Be careful not to make any mistakes and accidentally permanently encrypt the funds, because even then the blockchain is mercilessly reliable.

A more simple way is to store your seed phrase somewhere where access is restricted. For example, in a safe deposit box at the bank. A malicious person then not only has to wait until the bank is open, but you also benefit from the security measures that the bank has taken.

Home security

If you keep valuables at home, no matter what kind of possessions they are, it’s probably a good idea to think about home security. There are various companies in the Netherlands that specialize in home security, where you can take out subscriptions for, among other things, anti-burglary prevention, an alarm or a panic button emergency switch. Such companies call the police in an emergency.

A camera system can also help. This is a deterrent and the images can help the authorities in the investigation in the event of theft. If you do not store the camera images at home and restrict access, they are also out of reach for the perpetrators.

Finally

$5 wrench attacks are disturbing and it’s good to think about the risks, but don’t be fooled. Recent studies estimate that there are almost a million people in the Netherlands who own bitcoin and the number of incidents is relatively small. Moreover, most bitcoiners only own a small amount and given the risks, that makes the cost-benefit calculation of a random attack not very attractive.

Often there is more going on with physical attacks. Perpetrators usually know exactly what they are coming for, because they have gained insider knowledge through others or the victim themselves or because the sudden wealth of the victim has become noticeable.

Investigation services are also getting better at tracing criminals and stolen funds. Transactions on the blockchain are publicly visible and stolen bitcoins are therefore quite easy to track. Blockchain analysis companies offer special software for this, which many investigative services use. Bitcoin brokers and exchanges also use such tools to detect and block criminal money flows.

It is therefore very difficult for criminals to anonymize or launder stolen bitcoins – even the most technical and knowledgeable bitcoiners will agree.

Digital threats are relatively more common, but fortunately you can largely protect yourself against them with the help of hardware wallets. You can read more about it here.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2024 Cryptocoin Budisma.net