Cryptocurrency security company Harpie released an Android malware alert on September 9. More than 280 Android apps were found to use optical character recognition (OCR) technology to steal wallet recovery phrases from images on user devices.
Harpie reminds users to take the following safety measures:
Avoid installing apps outside the Google Play Store;
Ignore suspicious private messages or links;
Run Google Play Protect scans regularly;
Most importantly, avoid storing wallet recovery mnemonic phrase backups on your device
As soon as this news came out, the cryptocurrency circle was in an uproar, and many newcomers realized that there are so many applications that are eyeing your coins.
What happens to others is called a story; what happens to yourself is an accident.
Two classmates in the community once wrote to say that their coins had been stolen from their wallets, one of them was a new classmate who had just joined the circle.
The other one is a veteran in the cryptocurrency circle. He made a lot of money in the cryptocurrency circle. He earned more than 6 times the capital in less than a year with more than 100,000 yuan.
I can use various tools in the cryptocurrency circle, including various Polkadot wallets, Tron wallets, liquidity mining, extranet, Twitter, and taguarm, and participate in various gamefi games.
He was a professional cryptocurrency trader and still got hacked. To this day, he still doesn’t know the specific reason why his coins were stolen.
The process of the first student being stolen was very simple. He said he downloaded an imtoken wallet and synchronized the mnemonic phrase, and then all his coins were gone in a short while.
All the Bitcoin and Ethereum worth more than 200,000 yuan are gone, and then he asked me what happened, whether the money can be recovered, and whether it would be useful to call the police?
Actually, I didn't want to comfort him, but I still told him the truth. First of all, calling the police is basically useless, and the probability of getting the money back is very low. It is obvious that this was done deliberately by a scammer, and it was not an acquaintance who was robbed.
If it was stolen by someone you know, there is a chance to get it back by reporting to the police. However, based on his situation, I said that he had most likely downloaded a fake wallet, and then I sent him the official website address of imtoken. She saw that it was indeed fake. This is the first type, which is encountering a more impatient scammer.
The second classmate encountered a scammer who was not too impatient. The coins that were stolen were dot Polkadot coins. After he transferred the coins in, he did not do anything, and did not operate at all. After more than 10 days, the coins were suddenly gone.
You see, this scammer was patient. He originally thought that there was no need to rush to catch the big fish, so he waited for the student to continue to deposit coins into the account. However, after waiting for a few days, he didn't get any money, so he probably couldn't wait any longer and transferred the coins away.
In other words, the scammer had already obtained the private key of his wallet a few days ago, but he just didn't move it. You couldn't find out anyway, so he was just waiting for you to transfer coins to this wallet, and when you had transferred enough coins, he would transfer them away all at once.
However, I can’t explain how this classmate’s private key was leaked. I think it is likely that he scanned a QR code 10 days ago.
Or when he was shorting, or when he authorized a fake decentralized exchange or blockchain game project, the private key had been leaked.
Or you clicked on a link in the group and a Trojan was installed on your phone, or a monitor was installed in the background. After this monitor was installed, every step you took on the phone would be recorded.
Then the scammer will analyze your mnemonic phrase or private key password based on where you click on the screen. This is because he has participated in so many fraudulent projects that he may not even remember which specific project or which operation he made.
So, my advice to this classmate is to change his mobile phone, to an Apple IOS phone. Even if you buy a second-hand Apple 13, the price is not expensive.
I have actually said this many times before. I have encountered at least a dozen students whose coins were stolen, but I have never encountered a case where an IOS phone user was stolen.
Because the IOS system has already helped you block 99% of the scammers. First of all, the IOS system is closed, and various Trojan plug-ins find it difficult to invade the Apple system. Secondly, Apple’s application review is extremely strict, and it is difficult for scammers’ fake apps to pass the review.
For example, the first student whose phone was stolen downloaded a fake imtoken wallet, which cannot be installed on an Apple phone because the scammers have not developed an Apple version of the fake app.
All fake apps in the cryptocurrency world, including wallets and exchanges, basically use Android phones to commit fraud. There are also some junk software that copy and paste in the background, all of which are Android. It is very common for novices to accidentally copy private keys or mnemonics and their wallets are stolen soon after.
Therefore, for Apple IOS mobile phone users, as long as you do not actively transfer money to scammers, the currency is relatively safe.
You can also use a second-hand Apple phone, but try not to use someone else's Apple ID. If you buy a public ID from overseas, this number can only be used to log in to the Apple App Store, not Apple's iCloud.
Try not to buy the shared ones. If you want to use one, get your own Apple overseas account.
If you use this phone specifically for cryptocurrency trading, you can change the country you choose when applying for the number. You can change it to Taiwan or Hong Kong. Try not to choose China.
Of course, if you want to use this phone while trading cryptocurrencies, you can apply for two accounts, one domestic account to download various domestic apps, and one cryptocurrency trading account to download cryptocurrency applications.
Remember, if you bought a shared account for cryptocurrency trading, do not log in to iCloud. If you have already logged in, transfer the coins out tonight, because scammers can steal your coins at any time.
The shared number you bought can be restored by others through email or other means. At that time, he can restore the data on your phone through iCloud, including your wallet data.
If you take screenshots or back up account password mnemonics to your phone's memo while using your phone, it will be even more unsafe.
Don’t take security issues lightly. I’ve lost coins before, so I fully understand the feeling of losing coins.
Zhao Benshan once said a very classic sentence, which is that the greatest pain in the world is to lose your money while you are still alive. You can imagine how it feels to lose your currency while you are still alive.
Therefore, once your coins are lost or stolen, it is too late to say anything. Generally, the police will not file a case because in our legal system, Bitcoin is a virtual commodity, no different from the Dragon Slaying Sword and the Heavenly Sword in the game.
The police will only file a case for investigation when they are not too busy or when they have a good relationship with you. Moreover, even if you have strong connections and the case is filed, the chances of finding the coins are very slim.
Don’t lose your coins because of your laziness or carelessness. If you want to develop in the cryptocurrency circle for a long time, you must put security issues first.
So which mobile phone is best for cryptocurrency trading?
Huawei, Apple, Xiaomi, VIVO, or OPPO?
All the software we use to check the market, exchanges, wallets, information, etc. are installed on our mobile phones. It is conceivable that the security of our account passwords is our top priority.
The choice of mobile phone is not the brand, but the operating system. Between Android and IOS, IOS is undoubtedly the first choice.
Similarly, the strongest and most secure IOS must be the latest iPhone 16. Perhaps the FBI can now crack 11, 12, and 13.
But the latest 16 has just been launched on the market, so it is undisputed that it must be the most secure consumer mobile phone in the world.
If you have less assets, such as if you are a student and have only a few thousand or tens of thousands of dollars in the cryptocurrency world, it doesn't matter if you use Android. You can switch to Apple when you have more funds.
Or you can buy a second-hand Apple computer as we mentioned above, but the second-hand one must be able to be restored and erased.
If you have a lot of assets, it is better to use a brand new one. After all, the iPhone 16 is only 5,999 yuan, which is a drop in the bucket compared to our currency.
I think the ideal way is to use two mobile phones, with separate card machines, that is, the SIM card you use to register your account should not be on the same phone as the one you use to check the market and the exchange.
This can disperse the risk. Even if a mobile phone has security problems (such as being hacked, robbed in real life, the phone is lost, etc.), the security of the account will not be affected because the other party cannot get the verification code.
In short, for safety, you must have an iPhone to play cryptocurrency.
over.
Pin more exciting content and blockchain book learning materials compiled by the community to the top of the homepage.
