As cryptocurrency scams surge to $9.9 bn in 2024, experts warn that no wallet is entirely immune to hacking, urging users to adopt stronger security measures to protect their digital assets, JUSTICE OKAMGBA writes.
The widespread adoption of cryptocurrency has brought financial freedom to millions across the globe, offering a decentralised means of storing and transferring value.
However, with this rise comes an increasing threat of cyberattacks, as hackers continuously develop new techniques to exploit vulnerabilities in digital wallets.
Protecting crypto wallets from hackers has become a growing concern, especially as the volume of stolen digital assets continues to rise.
In 2024 alone, cryptocurrency scams received at least $9.9bn on-chain, according to Chainalysis — a figure expected to increase as more illicit addresses linked to fraud are identified. Since 2020, scam activities have grown by an average of 24 per cent annually.
If this trend continues, experts predict that the total amount lost to scams could surpass $12bn by the end of the year. These figures underscore the urgent need for crypto users to adopt better security practices to protect their digital assets.
Despite the advanced security protocols built into blockchain technology, crypto wallets remain a vulnerable entry point for hackers.
The CEO of Crypto Security Company, Vlad Goncharov, said no wallet is entirely immune to hacking, pointing to high-profile cases where popular wallets such as MetaMask, MyCrypto, and Ledger were compromised.
The breach, which occurred across 11 blockchain networks including Ethereum, resulted in more than $10m stolen.
He explained that one theory behind the hack is that attackers exploited vulnerabilities in private key generation algorithms, allowing them to access wallets directly on-chain.
Goncharov said hackers employ various methods to breach crypto wallets. While vulnerabilities in wallet software pose significant risks, the most common attack vector remains social engineering — a tactic where bad actors manipulate victims into revealing their private keys or recovery phrases.
He noted that such attacks often bypass wallet security features, making users themselves the weakest link in the security chain.
According to him, wallet developers generally avoid responsibility for such breaches, as they stem from user error rather than flaws in the software itself.
“Do not share your wallet’s private key with anyone, and do not use Wi-Fi or RPCs that you don’t trust during any transactions,” he advised.
Crypto wallets are typically classified into two categories — hot wallets and cold wallets — each with distinct security risks.
Hot wallets, which remain connected to the internet, are convenient for frequent transactions but are more vulnerable to cyberattacks.
Crypto Asset Recovery Specialist Francis Johnson said hot wallets are a prime target for hackers because of their constant online connectivity.
The executive explained that phishing scams, malware, and SIM-swapping attacks are common techniques used to compromise hot wallets.
He recommended that users store the majority of their crypto assets in cold wallets — hardware wallets that keep private keys offline — as they offer higher levels of security.
Architect at Coinbase Sheila Renee said while two-factor authentication provides an extra layer of protection, it is not foolproof.
She warned that SIM-swapping attacks — where hackers convince phone carriers to transfer a victim’s phone number to another device — can bypass 2FA security measures.
Renee advised crypto users to remain cautious when receiving unsolicited messages or emails, as phishing scams can trick users into handing over their login credentials or installing malware on their devices.
A crypto trader, Ayuba Basiru, said that some non-custodial wallets, such as Bitget, have stood the test of time by incorporating 360° security protection technology.
He said these wallets leverage encryption, verification, and risk detection methods to protect users’ assets, adding that Bitget wallets also support hardware wallets and multi-party computation wallets for enhanced security.
However, he stressed that no wallet is entirely immune to hacking attempts. He advised users to back up their recovery phrases, enable two-factor authentication, and avoid downloading wallet applications from unofficial sources.
A crypto security expert, Anna Keller, said hot wallets are particularly vulnerable due to their constant online connectivity.
She explained that common hacking methods include phishing scams and malware attacks, which can compromise users’ devices and steal wallet information.
Keller recommended that users prioritise cold wallets for long-term storage, regularly update their software, and enable two-factor authentication.
She emphasised that safeguarding private keys is critical, as they are the only means of accessing crypto assets.
A crypto enthusiast explained that sophisticated malware, such as Trojans, can penetrate devices and extract wallet keys or seed phrases stored in memory. The individual said weak passwords and improper storage of recovery phrases further increase the risk of wallet compromise.
He added that undiscovered software vulnerabilities could also be exploited by hackers before developers release security patches.
Even with the best security features in place, human error remains one of the biggest risks to crypto wallets.
Phishing attacks, where hackers create fake websites or emails to trick users into revealing sensitive information, are among the most common methods used to gain unauthorised access.
Once hackers obtain a victim’s login credentials or private keys, they can empty wallets without leaving a trace.
Crypto security experts advise users to follow several best practices to protect their wallets. These include enabling two-factor authentication, using cold wallets for long-term storage, and regularly updating wallet software.
Users are also encouraged to create strong, unique passwords and avoid sharing their private keys or recovery phrases with anyone.
Additionally, avoiding public Wi-Fi networks during transactions and only downloading wallet applications from trusted sources can further reduce the risk of hacking.
While no system is entirely infallible, adopting strict security practices can significantly reduce the risk of crypto wallet hacks.
