Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

Solana’s hack is one of the major events that happened this week. These are my additional comments.

According to a tweet on Solana account. “There is no evidence the Solana protocol or its cryptography was compromised.” I think we should not take this lightly. I would expect a full postmortem later this week to address to the attack.

The addresses that were affected by the attack were at one point created, imported or used in the Slope mobile applications. Private key information was also accidentally sent to an application monitoring service. I think a decentralized network should stay independent and operate purely by codes. This can help to reduce similar problems.

Whether it is a bridge exploit or supply chain attack, the root problem is still uncertain. I would suggest users to create a new wallet, move their funds over to the new wallet and delete the old ones. Users for the time being can also consider moving their funds to the more reputable centralized exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now.

I think the rest on the network should check on their codes and increase their security to prevent any other possible exploits that could happen. Never be too sure and let your guard down.

 

 

Decrypting the Solana Wallet attack and how investors can safeguard their crypto holdings

With reports indicating around 8,000 ‘hot’ wallets were compromised in the attack, experts advise investors to switch to hardware wallets for better security.

Close on the heels of cross-chain messaging platform Nomad being the target of a $200-million crypto heist, investors using ‘hot’ or internet-connected crypto wallets on the popular blockchain Solana were under attack from an unknown bad actor.

 

Over $8 million stolen from 8,000 investors

With crypto holdings worth over $8 million stolen from approximately 8,000 investors, this latest attack has raised many questions about the security offered by both the Solana network and ‘hot’ wallets that are quite popular with the average crypto investor.
While Solana’s official Twitter account was quick to clarify that the attack was not the result of any compromise in the network’s software, it added that its team of engineers is fervently working with security researchers and ecosystem teams to identify the root cause of this wallet hack.

Create new wallets, delete old ones

“While it is my opinion that a decentralised network should stay independent and operate purely by codes, I think the team at Solana should re-check all their partner systems and increase their security to prevent any other possible exploits. Investors ought to remain vigilant and take necessary precautions at their end,” he said.

“I would suggest users create a new wallet, move their funds over to the new wallet and delete the old ones. They can also consider moving their funds to the more reputable centralised exchanges or hardware wallets too. Keeping assets secure amid the uncertain situation is the best way for now,” he added.

Preliminary investigations have revealed that this exploit was limited to just the Slope wallet on the Solana ecosystem, while hardware wallets used by Slope remained unscathed.

According to Solana, affected wallet addresses were at one point created, imported or used in Slope mobile wallet applications, and their private key information was transmitted to an application monitoring service.

 

Do not store private keys on computers

Commenting on the Solana network and the underlying sentiment, Lin, a senior analyst at Block Review, said according to his statistics, there were 10.5 percent negative sentiments for Solana in the last seven days, while Ethereum had around 6.2 percent and anything below 15 percent is still okay in his opinion.

“Coming back to the private keys that were compromised, I think any of this information should never be on any computer at any given time. This part should be taken care of and well audited by the wallet providers. Users, on the other hand, have to take extra care of their private keys and seed phrases,” Lin said.

Solana has already urged investors affected by the attack to abandon the affected wallets as they could still be compromised even after revoking wallet approvals.

While the exact modus operandi employed is still unknown, crypto industry leaders have highlighted that the suspect transactions were properly signed, further indicating that it could be a supply chain attack with a specific focus on Slope ‘hot’ wallet users.

 

Investors should opt for cold or hardware wallets   

Elaborating on how hackers can still steal from a compromised wallet, Raj Kapoor, founder of India Blockchain Alliance, said since private keys are stored in application and device wallets, hackers can access them and steal cryptocurrencies and that sums up the Solana hack.

“If your wallet has been compromised, it’s paramount that you transfer any existing funds from your compromised wallet to another wallet. Hackers will wipe your account of funds immediately, but if you’re lucky and they have not done this yet, it’s time for investors to take immediate action,” he added.

Since most hacks happen to hit “hot” wallets, investors should opt for cold or hardware wallets instead. While investors may need some of it online for transactions, they should keep what they need in the short term and store most of it offline.

A cold crypto wallet, which is similar in size to a USB device, holds a private key that can be used to access your funds. Investors can set their own private keys as well.

 

Use multi-factor authentication

Investors should also use multi-factor authentication (MFA) as this creates a layered defence on their account with independent credentials based on a password, security token, and/or biometrics.

Phishing is another danger and to prevent it, investors should never log in to their cryptocurrency exchange unless they are sure they are on the correct site.

 

Do not share information over texts, emails

Additionally, investors should not trust texts, emails or chats that ask for your personal information.

Avoiding public WiFi is also a great idea as is updating your software from time to time. Regularly changing the passwords is great as well. Change the password regularly and use a password manager like LastPass or 1Password.

 

‘Hot’ wallets are vulnerable

As Solana continues to work with Slope Finance in conjunction with their partners OtterSec and SlowMist to restore normalcy, this incident again serves to highlight the vulnerability of ‘hot’ wallets to cyberattacks, despite the faster transaction times offered by them.

Comprising the entire collection of web-based, mobile and desktop wallets available today, ‘hot’ wallets should be used in conjunction with ‘cold’ or hardware wallets to strike the perfect balance between speed, functionality and security.

For those actively trading in crypto tokens and other crypto assets, it is recommended to hold trading funds in a ‘hot’ wallet while the bulk of their crypto holdings remains secure in a ‘cold’ or hardware wallet.

Nearly impossible to hack hardware wallets

Since a user’s private keys never leave the device, stealing funds from a hardware wallet is an almost impossible task for malicious cyber entities. Ranging from 50 to a few hundred dollars, the security offered by these hardware wallets more than compensates for the one-time costs involved and is highly recommended for all crypto investors out there.

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j

Anndy Lian’s Speech at Asia Crypto Summit, 18 July 2022- Navigating NFT: Who, What & How

Anndy Lian’s Speech at Asia Crypto Summit, 18 July 2022- Navigating NFT: Who, What & How

Anndy Lian, an all-rounded business strategist in Asia. He has provided advisory across a variety of industries for local, international, public listed companies and governments. He is an early blockchain adopter and experienced serial entrepreneur, book author, investor, board member, and keynote speaker.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization.

Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange, and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group where he looks after the governance and compliance aspects of the business.

He also played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

His second book, titled NFT: From Zero to Hero, tells you all that you need to know about NFT. His book will available very soon.

NFT stands for “non-fungible token.” NFTs can really be anything digital。 In simple words, these cryptographic assets are based on blockchain technology. They cannot be exchanged or traded equivalently like other cryptographic assets. Like Bitcoin or Ethereum.

NFT allows the buyer to own the original item. Not only that, it contains built-in authentication, which serves as proof of ownership. Collectors value those “digital bragging rights” almost more than the item itself.

The following topics were addressed:

– Why NFT is important
– Overview of the current NFT industry
– Who are the current participants in the NFT market?
– Introduction of CEX and DEX NFT marketplace
– What are the different types of NFTs?
– What are the necessary tools if I want to gain an in-depth understanding of the NFT market?
– What is a successful NFT project?
– Quick Overview on NFT Regulations
– Quick Overview of NFT and Traditional Business
– What to look out for during the bearish times?
– What’s next for the future?

NFTs have the potential to be infinitely useful in many industries by increasing security and processing costs for transactions and providing a new platform for the gig economy to work through.

NFTs are revolutionizing digital asset ownership and laying the foundations for crypto, play-to-earn games, metaverses, and more.

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j

How To Prepare for the Next Crypto Bull Run

How To Prepare for the Next Crypto Bull Run

There is a lot to learn about what appears to be the first bear market since 2018 in light of recent developments in the cryptocurrency space. For both experienced and novice investors, bear markets have historically been a very trying time, with little to no gains being realized. Many investors suffer significant financial losses during bear markets as they attempt to trade despite the unpredictability of recovering from failures. For a newcomer to succeed in cryptocurrency, learning how to protect your investments and have liquidity for the next bull run is crucial. The aim of this article is to offer informed advice on how to avoid common errors in a bear market and essential steps to take in preparation for the continuation of a bull run in this article.

The upside of the newly created crypto bear market, hard by the crash of Terra and more recently the bankruptcy of 3AC, is the opportunity to improve your portfolio in crypto and NFTs. While there’s plenty of YouTubers advising you to “buy the dip” what does this actually mean in practice? A key to that is a strategy revolving around risk mitigation, bearing in mind that while in the long run crypto and NFTs will likely continue to grow in value, while also accepting a lot of NFT projects are not going to survive. A first step to preparing your bear market strategy is to figure out your risk tolerance.

Types of crypto risk strategy from @krissyos

While there’s lots of discussion and peer to peer pressure about buying the dip whether its Bitcoin or Ether the best approach to help mitigate risk is to adopt a more rational attitude. A key tactic to use dollar-cost-averaging. “If you put a certain amount of money in Bitcoin every single week since 2010, you’d be one happy person right now. If you did it over the last year, today you may not be happy, but maybe in a few months you would be incredibly happy,” recommended Ron Levy, CEO of The Crypto Company. In fact, with most exchanges, you can set up dollar cost averaging, with the benefit that you can set and leave it, However, the fact remains it’s only a worthwhile strategy if the investments in crypto increases over time. “For Bitcoin, I like the dollar-cost averaging strategy because I like Bitcoin long term. It is one of the more stable [crypto] investments that a person can make. When we’re talking about dollar-cost averaging with altcoins, I think that that carries a lot more risk to it,” said Wendy O, crypto investor and popular TikToker.

An essential component of the cryptocurrency industry is research and data. Although profitable investors have previously used the bear market to pinpoint blue-chip projects that would soar in the following bull market, because of how innovative and dynamic the cryptocurrency market is, most of the projects on the market stand a good chance of failing to take off before the next bull run. A good run in the bull market, as in the past, would be yours if you took the time to research the “next big thing” in cryptocurrency. Most research involves reading a lot and collecting a lot of data. Researching projects in a bear market can benefit from a variety of resources, some of which are listed below:

DappRadar -When it comes to discovering, tracking, and trading everything from DeFi, to NFTs and gaming with accurate data and analysis then DappRadar, which was born out of the last crypto winter of 2018, is a beneficial tool. It aims to provide its users with access to “top collections, trending dapps, trader volume and maybe, just maybe, uncover the next blockchain unicorn.” Driving more than 1.5 million users into DApps every month, DappRadar tracks of over 9,000 DApps across 30 blockchains. It’s also recently introduced its own token to enable access to useful investor content, as well as participate in its DAO governance, as it looks to develop its “community-driven Web3 ecosystem,” according to their white paper.

Bankless – Bankless is a well-known podcast in the cryptocurrency industry where thought-leaders and the founders of cutting-edge startups are invited to speak and share their opinions on current events in the industry. In addition, Bankless is a resource for information that supports investment choices by providing direct feedback from seasoned investors on telltale signs of a promising project. Weekly newsletters from Bankless also cover DeFi and cryptocurrency.

On taking a positive attitude to the opportunities in the bear market co-host Ryan Sean Adams said on a recent discussion: “First of all you have to get convicted; if you’re not convicted like just don’t listen to what David and I say go develop your own conviction okay, just like stop the podcast and figure out what this asset class is for yourself.”

CoinMarketCap – It’s the most popular cryptocurrency tracking website in the world, according to CoinMarketCap, with data on thousands of cryptocurrencies. To help you better make investment decisions during a bear market, CoinMarketCap provides helpful information on digital assets to retail investors. The problem is that a lot of people who use it don’t really take full advantage of its resource. For example, right at the top of the homepage there is a snapshot of useful global metrics which helps give a real time view of where the market is at. Another useful but under-used feature is the display it provides of all the places to buy a coin, simply by clicking on the market tab.

 

Source: How to Use CoinMarketCap: 17 Must-Know Tips [2022 Tutorial]

Nansen: Nansen is another helpful blockchain analytics platform that uses on-chain data to tag the wallets of seasoned investors, or whales in cryptocurrency jargon so that retail investors can replicate their holdings and invest in the same projects. To quote data journalist Martin Lee: “Blockchain analytics helps to surface new opportunities, do due diligence and using platforms such as Nansen, you’re able to set up alerts to get real time notifications on certain events. You’re able to make more informed investment decisions by knowing who and what transactions are happening on a blockchain as they happen.” Nansen helps to surface the signal and allow you to focus your time on the crypto projects that matter, as early as possible, Lee added.

Cryptocurrency influencers: There is a plethora of cryptocurrency influencers on YouTube, Twitter, and other social media sites which are well-known for their opinions on cryptocurrency projects, for using their platforms to promote different projects from the bull market. Although it’s obviously not a good idea to take every influencer’s advice, they can also help with investment choices if you choose wisely. Examples worth mentioning include Bitboy CryptoZachXBT, and Laura Shin.

The best action in a bear market is to step back, evaluate the market, and pinpoint potential blue-chip projects that spearhead the next bull run. Your success as a retail investor in the next bull market will significantly depend on how effectively you use the available resources and cryptocurrency data available. I advise investors to start learning about various cryptocurrency projects to position themselves for the next bull run as the bear market appears to be here to stay for now. In order to survive the current bear market the smart thing to do was use the best tools available to guide your decision making. “Now’s the time to double down on use of data and crypto sentiment tools like LunarCrush to up your investor game. It’s a time to improve your understanding both technically and socially. Go re-connect with your friends and family now that things have calmed down, and maybe catch up with what’s happening in the larger blockchain eco-system outside of NFTs and crypto tokens.”

 

Original Source: https://www.securities.io/how-to-prepare-for-the-next-crypto-bull-run-thought-leaders/

Anndy Lian is an early blockchain adopter and experienced serial entrepreneur who is known for his work in the government sector. He is a best selling book author “Blockchain Revolution 2030”.

Currently, he is appointed as the Chief Digital Advisor at Mongolia Productivity Organization, championing national digitization. Prior to his current appointments, he was the Chairman of BigONE Exchange, a global top 30 ranked crypto spot exchange and was also the Advisory Board Member for Hyundai DAC, the blockchain arm of South Korea’s largest car manufacturer Hyundai Motor Group. Lian played a pivotal role as the Blockchain Advisor for Asian Productivity Organisation (APO), an intergovernmental organization committed to improving productivity in the Asia-Pacific region.

An avid supporter of incubating start-ups, Anndy has also been a private investor for the past eight years. With a growth investment mindset, Anndy strategically demonstrates this in the companies he chooses to be involved with. He believes that what he is doing through blockchain technology currently will revolutionise and redefine traditional businesses. He also believes that the blockchain industry has to be “redecentralised”.

j j j