A crypto holder’s seed phrase was accidentally guessed by a smartphone and it only outlined the ease with which hackers can use the text prediction feature to drain the funds so let’s read more today in our latest cryptocurrency news.
The seed phrases are a random combination of words from the BTC Improvement Protocol 39 list of 2048 words and act as one of the primary layers of security against unauthorized access to the users’ crypto holdings. What happens when the smartphone’s predictive typing remembers and suggests the words next time that you try to access your digital wallet? A 33-year-old IT professional from Germany posted on Reddit after he discovered his mobile phone’s ability to predict the entire recovery seed phrase as soon as he typed the first word in.
#PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or prompt you to connect your wallets or “Claim” giveaway. @Metamask @Coinbase @WalletConnect @phantom pic.twitter.com/cmWUcprMAN
— PeckShieldAlert (@PeckShieldAlert) April 25, 2022
As a fair warning to the fellow Redditors, the man’s post outlined the ease with which hackers can use the feature and drain the users’ funds by being able to type the first word out of the BIP 39 list:
“This makes it easy to attack, get your hands on a phone, start any chat app, and start typing any words off the BIP39 list, and see what the phone suggests.”
The Redditor shared his shock when he first experienced his phone guessing the 12-24 word seed phrase and he was stunned. The German crypto investor was able to reproduce the scenario wherein his phone can accurately predict the seed phrases and after realizing the impact of the information, if it went out to the wrong hands, it can tell people about it so he guessed that there are others that typed seeds into their phone. Andre’s experiments confirmed that Google’s GBoard was the least vulnerable as the software didn’t predict each word in the correct order and the Microsoft Swiftkey keyboard was able to predict the seed phrase immediately. The Samsung keyboard as well can predict words and suggest text corrections that are manually read on.
The initial sting with crypto goes back to 2015 for Andre when he lost interest until he realized he can buy goods and services using BTC and other coins. His investment strategy involves purchasing and staking BTC like ALGO, Terra, and TEzos. As a safety measure against these hacks, storing significant and long-term holdings in a hardware wallet can be a solution. He advised Redditors to not invest more than they are willing to lose and always double-check the addresses they are sending to:
“Do yourself a solid and prevent that from happening by clearing your predictive type cache.”
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]