Image source: Chain News
Twitter account @0x_Lens shared a video that is only about 46 seconds long but involves a cryptocurrency theft case worth up to $100,000. As Bitcoin prices continue to reach new highs, attracting many users into the world of cryptocurrency, this article will briefly introduce the origins of the incident and remind readers of the correct cybersecurity concepts.
In just ten seconds, the streamer's mnemonic phrase leak resulted in a loss of $100,000.
In the video, you can see that the streamer first closed the browser, at which point the mnemonic phrase displayed on the desktop (in the upper-left corner of the video) was completely exposed during the live broadcast. All of this happened in just ten seconds, and he immediately switched back to the browser page and checked his Phantom wallet, only to find that hundreds of thousands of dollars in cryptocurrency had already been transferred away. At this point, he began to panic, confirmed the wallet had been hacked, and started angrily smashing the keyboard during the live stream, which caught the attention of friends in the room.
And all of this returns to the most basic concept that on-chain ownership recognizes only the mnemonic phrase, not the person. This means that as long as you hold the address private key or mnemonic phrase, you can hold the assets, and it is not who created the wallet that holds the assets.
However, later @0x_Lens found that this was all staged by the streamer; in fact, no theft occurred.
Cold wallet service provider warns: There is a risk as long as you are online.
Generally speaking, wallets are divided into custodial and non-custodial wallets; custodial wallets are like centralized exchanges. Most wallet service providers are non-custodial wallets, meaning the private keys and mnemonic phrases are only known to the users themselves. The previously reported DEXX private key leakage incident claimed to be a non-custodial wallet, yet the official had access to the private key data. Continuing this topic, we might gradually examine whether commonly used trading bots are truly non-custodial wallets.
Cold wallet supplier OneKey has compiled various wallet attributes in Chinese, including so-called custodial wallets or online mobile wallets, which are all considered high-risk. Writing down the mnemonic phrase on paper, using a cold wallet, and installing a cryptocurrency wallet on an offline old wallet would be a safer approach.
Click here to learn more about (cold wallets).
Private keys must be stored offline; Not your key, not your coin.
For new users, the first step in creating a wallet should be to write down the mnemonic phrase (typically a sequence of 12 to 24 words) in order on paper and store it properly (Note: as previously mentioned, on-chain assets recognize only the mnemonic phrase and not the person; it is crucial to preserve the mnemonic phrase, as losing it will result in the inability to access the assets). Another approach is to manually delete the last five characters when copying the private key and write down those last five characters on paper, which would be a more convenient method.
The most important thing is that there is a risk as long as the device is online; thus, if the asset quantity is large, it is highly recommended to purchase a cold wallet and store it properly. Just like the famous saying in the blockchain world: Not your key, not your coin.
[Disclaimer] The market carries risks, and investment should be cautious. This article does not constitute investment advice; users should consider whether any opinions, views, or conclusions in this article align with their specific circumstances. Investment based on this is at your own risk.
This article is authorized for reprint from: (Chain News)
‘Stolen 3.2 million TWD in ten seconds? A cryptocurrency influencer live-streamed ‘leaked mnemonic phrase’, angrily smashed the keyboard, scaring friends’ - this article was first published on ‘Crypto City’.