Never copy your seed phrase on a device that you use to browse the internet

Hi folks from r/cc, this is your friendly neighbourhood dev.

This post is a reminder to never copy your seed phrase on a device you use to surf the internet. This is due to the fact that some websites can potentially access your clipboard content.

In web browsers, there are JavaScript APIs that allow websites to interact with the clipboard contents. For example, the Clipboard API ( https://developer.mozilla.org/en-US/docs/Web/API/Clipboard_API ) provides functionality to read from and write to the clipboard using JavaScript.

With most modern browsers, you'll get a prompt for permission when a website attempts to access the clipboard, which some users just allow without even reading what the site is asking permission for, typically confusing it with cookie permissions.

The clipboard permission popup typically looks like this

please read permissions carefully before allowing

Using smaller or less secure browsers or JavaScript engines will increase the risk of clipboard data leaking. Smaller browsers or custom JavaScript engines may not have the same level of security features or undergo the same rigorous testing and auditing as more popular and widely-used browsers like Chrome, Firefox, Safari, Edge or Brave.

There are various chrome engine extensions that you can use to block clipboard access altogether for any site. Please verify the extension before you do install it.

There have also been several hacks in the past due to access to clipboard data.

Clipboard hijacking malware: In 2017, a type of malware called "CryptoShuffler" was found. This malware replaced cryptocurrency wallet addresses stored in the clipboard with addresses controlled by the attacker. When users intended to paste their wallet addresses during transactions, they inadvertently pasted the attacker's addresses, leading to the diversion of funds.

https://www.kaspersky.com/blog/cryptoshuffler-bitcoin-stealer/19976/

To be on the safe side completely, I never copy my seed on the device that I use to access the internet and I recommend you to do the same.

Be safe, If you need any assistance, do reach out to me in comments, I'll try to help you out!

submitted by /u/Concept-Plastic
[link] [comments]

You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.

Bitcoin.com

	The Riveting World of Bombay Club
	SOCIAL GOOD 100$ free sign up bonus + 100% Cashback on daily purchases
	Ethereum Expected to Thrive in 2023
	How To Get Started On Cryptocurrency Gaming
	5 Important Features of White Label NFT Marketplace
	How to get started with crypto gambling
	Best 7 Web3 Apps That Pay You Crypto
	6 Must-Have Tools For Crypto Traders
	Can Ethereum 2.0 Be Converted to Cash?
	Cryptocurrency in Gambling: Features and Benefits
	What are the Core Facets of a Successful Cryptocurrency?
	Cost to Develop Your Own Cryptocurrency Website
	EgldRush - The best Elrond NFT project Farming, Staking, Rewarding
	Choosing a Safe Cryptocurrency Exchange 2022
	Let's Talk About Security in Crypto

Never copy your seed phrase on a device that you use to browse the internet

Comments

Categories

Tags

Subscribe

Related Posts

Comments