
Seed phrase saved involuntarily: text suggestions on smartphones dangerous for crypto users

 


Seed phrases are a random combination of words from the word list defined in Bitcoin Improvement Proposal 39 (BIP39). This list specifies 2048 words that are combined to form a long password. This provides strong protection against unauthorized access to a user's crypto holdings. But what happens when your smartphone remembers the words and lists them among its suggested words once you access your digital wallet?


Andre is a 33-year-old IT professional from Germany who recently posted on the r/CryptoCurrency subreddit that his smartphone suggests his entire recovery seed phrase as soon as he types the first word.


He warned Reddit users and crypto enthusiasts in his post that hackers could use this feature to steal a user's money simply by typing the first word from the BIP39 list:


"It's pretty easy to attack with it. All you have to do is pick up a phone, go to any chat app and type any word from the BIP39 list. Then you just have to see what the phone suggests."

Speaking to Cointelegraph, Andre, who goes by the nickname u/Divinux on Reddit, described how shocked he was when he first saw his phone suggesting the 12-24 word seed phrase directly. "At first I was very surprised. The first few words could be a coincidence, right?"


Being tech-savvy, the German crypto investor was able to reproduce the scenario, and his phone was actually able to accurately suggest the seed phrases. He immediately recognized the impact that could have if the phone fell into the wrong hands. "So I figured I should tell people that. I'm sure other people put their seed phrase into their smartphones too."


Andre's experiments found that Google's Gboard is the safest here, as the software doesn't suggest every word in the correct order. Microsoft's SwiftKey keyboard app, however, suggested the seed phrase in its entirety right after the first word. The Samsung keyboard can also predict words when the Auto Replace and Suggest Text Correction features are enabled.


Andre first came into contact with cryptocurrencies in 2015. Back then, he lost interest pretty quickly until he realized that he could use Bitcoin (BTC) and other cryptocurrencies to buy goods and services. His investment strategy consists of buying and staking BTC and altcoins like Terra (LUNA), Algorand (ALGO) and Tezos (XTZ). “Then I use the average cost effect on BTC if it rises sharply.” The IT expert also likes to develop his own coins and tokens as a hobby.


According to Andre, to protect yourself from hacks, you should keep significant and long-term holdings in a hardware wallet. His advice to Reddit users around the world: "If you don't have the private keys, you don't effectively own the coins. Do your own research, don't panic at the last minute, never invest more money than you can afford to lose, always double-check the address you send something to, always send a small amount first and disable your PMs in settings." Finally he said:


"Do yourself a favor and prevent this by clearing your text prediction cache."
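Why typing a phrase once is enough for it to be replayed, and why clearing the prediction cache removes it, shown as an added example that is not part of the original article: a simplified next-word model that learns word pairs from typed text. It is not the algorithm of Gboard, SwiftKey or the Samsung keyboard; the sample phrase, the chat lines and the `no_learning` parameter are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample phrase for illustration only; not a real wallet.
SAMPLE_PHRASE = ("abandon ability able about above absent "
                 "absorb abstract absurd abuse access accident")
# Constructed everyday typing the keyboard has also learned from.
CHAT_HISTORY = ["see you at noon", "running late sorry", "see you tomorrow"]


class ToyKeyboard:
    """Simplified next-word predictor: counts which word followed which."""

    def __init__(self):
        self.following = defaultdict(Counter)

    def learn(self, text, no_learning=False):
        # no_learning (hypothetical parameter) models an input field that
        # asks the keyboard not to personalize from what is typed there.
        if no_learning:
            return
        words = text.lower().split()
        for prev, nxt in zip(words, words[1:]):
            self.following[prev][nxt] += 1

    def suggest(self, word):
        # Top suggestion after `word`, or None if nothing was learned.
        ranked = self.following[word].most_common(1)
        return ranked[0][0] if ranked else None

    def tap_through(self, first_word, limit=24):
        # Models repeatedly accepting the top suggestion.
        chain = [first_word]
        while len(chain) < limit:
            nxt = self.suggest(chain[-1])
            if nxt is None or nxt in chain:
                break
            chain.append(nxt)
        return " ".join(chain)

    def clear(self):
        # Models clearing the keyboard's learned prediction data.
        self.following.clear()


if __name__ == "__main__":
    kb = ToyKeyboard()
    for line in CHAT_HISTORY:
        kb.learn(line)
    kb.learn(SAMPLE_PHRASE)                # phrase typed once
    print(kb.tap_through("abandon"))       # replayed in order
    kb.clear()
    print(kb.tap_through("abandon"))       # nothing left to suggest
```

Each word pair in the phrase was seen exactly once and has no competing continuation, so following the top suggestion walks the phrase in order.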


Blockchain security firm PeckShield has warned the crypto community about some phishing websites that have specifically targeted users of the Web3 lifestyle app STEPN.


PeckShield has discovered that hackers have smuggled in a fake MetaMask browser plugin that allows them to steal seed phrases from unsuspecting STEPN users.


Having the seed phrase also gives the attackers complete control over the user's cryptocurrencies via the STEPN dashboard.
