MultiversX Tracker is Live!

Never copy your seed phrase on a device that you use to browse the internet

All Cryptocurrencies

by COINS NEWS 109 Views

Never copy your seed phrase on a device that you use to browse the internet

Never copy your seed phrase on a device that you use to browse the internet

Hi folks from r/cc, this is your friendly neighbourhood dev.

This post is a reminder to never copy your seed phrase on a device you use to surf the internet. This is due to the fact that some websites can potentially access your clipboard content.

In web browsers, there are JavaScript APIs that allow websites to interact with the clipboard contents. For example, the Clipboard API ( https://developer.mozilla.org/en-US/docs/Web/API/Clipboard_API ) provides functionality to read from and write to the clipboard using JavaScript.

With most modern browsers, you'll get a prompt for permission when a website attempts to access the clipboard, which some users just allow without even reading what the site is asking permission for, typically confusing it with cookie permissions.

The clipboard permission popup typically looks like this

please read permissions carefully before allowing

Using smaller or less secure browsers or JavaScript engines will increase the risk of clipboard data leaking. Smaller browsers or custom JavaScript engines may not have the same level of security features or undergo the same rigorous testing and auditing as more popular and widely-used browsers like Chrome, Firefox, Safari, Edge or Brave.

There are various chrome engine extensions that you can use to block clipboard access altogether for any site. Please verify the extension before you do install it.

There have also been several hacks in the past due to access to clipboard data.

Clipboard hijacking malware: In 2017, a type of malware called "CryptoShuffler" was found. This malware replaced cryptocurrency wallet addresses stored in the clipboard with addresses controlled by the attacker. When users intended to paste their wallet addresses during transactions, they inadvertently pasted the attacker's addresses, leading to the diversion of funds.

https://www.kaspersky.com/blog/cryptoshuffler-bitcoin-stealer/19976/

To be on the safe side completely, I never copy my seed on the device that I use to access the internet and I recommend you to do the same.

Be safe, If you need any assistance, do reach out to me in comments, I'll try to help you out!

submitted by /u/Concept-Plastic
[link] [comments]

Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
πŸ’° Install these recommended apps:
πŸ’² SocialGood - 100% Crypto Back on Everyday Shopping
πŸ’² xPortal - The DeFi For The Next Billion
πŸ’² CryptoTab Browser - Lightweight, fast, and ready to mine!
πŸ’° Register on these recommended exchanges:
🟑 Binance🟑 Bitfinex🟑 Bitmart🟑 Bittrex🟑 Bitget
🟑 CoinEx🟑 Crypto.com🟑 Gate.io🟑 Huobi🟑 Kucoin.



Comments