With the Bitcoin frenzy in place, everyone is registering where they can for a Bitcoin wallet. Many wallet options have succeeded at the mobile app level across all repositories, and; many believe they are safe to use. But, are they? Well, a new study is here to disappoint you, really hard!
Over the last few months, the value of cryptocurrencies has continued to surge and we suspect will only surge higher. Meanwhile, hackers and scammers are on the increase, and they aim at stealing the digital money from people who do not suspect as has been the case recently with hackers threatning Trade Route users with a bitcoin ransom.
One of the most common methods in which these cyber buglers are perpetrating the theft is through faking apps to steal user’s credentials. Yet, according to a new study carried out by High-Tech Bridge, a Switzerland-based information security firm, it’s not just the fraudulent apps that are unsafe to use.
In one of the most absurd turns out of events, legitimate mainstream apps are what enthusiasts should be worrying about. The majority of these apps are insecure and can easily infiltrate codes to reveal their user’s login information and possibly phish their currencies. In the past bitcoin users would go to a bitcoin mixer and tumble their stash to keep it anonymous but not everyone buying bitcoins is cut out for that type of work and just hope that their app downloads are safe.
To study these apps, High-Tech Bridge came up with X-Ray – a mobile application analysis software – to examine 30 cryptocurrency apps on the Google Play and other three popular stores. They categorized apps with up to 100,000 installs and those up to 500,000 installs as well as those beyond the 500,000 mark. The total number of digital currency apps studies in these categories were 90.
The study revealed one of the most absurd realities that would scare crypto enthusiasts. For instance, 66 percent of those apps did not use HTTPS encryption; 44 percent depended on hard-coded passwords that defaulted, or in simple terms, they stored the passwords in plain texts. Moreover, 94 percent rely on outdated encryption methods, and they had a minimum of three medium level vulnerabilities.
The chief executive at High-Tech Bridge Ilia Kolochenko told Motherboard that the affected apps studied included wallets, price trackers, and exchanges. For instance, they have price trackers, trades, and wallets. This means that although the cryptocurrency codes are built on anonymity, the apps, and tools that aid transactions aren’t, and; this could lead to the loss of funds and sensitive information.
Further, Kolochenko said, “If you don’t have proper encryption (for your coins) – or it’s simply not well-defined on some of these apps that rely on HTTP with no encryption at all – when you are sitting with your phone at the cafe or airport, and; the WiFi happens to be insecure, someone else could seize the traffic, intercept your login details, and access the wallet or digital storage.”
Kolochenko also warned that the price tracker apps were also susceptible to manipulation. He said that malicious people could feed large volumes of false trader information to try influence the application’s behavior. The prices of cryptocurrency are driven by market whales who trade large amounts. Well, the others who depend on small transactions could use bitcoin credit cards, but; as long as it uses these apps, it’s never entirely safe!
He said that price trackers have ‘poorly implemented’ privacy systems and could easily allow attackers to alter information. He urges enthusiasts to shun apps that ask for personal details. Instead, he insists that those who want to stay anonymous need to embrace apps that don’t require the address or other sensitive details to show the price or market charts. No doubt, even if a skilled technician wants to use such an app to hack your digital money, they’d have to put a lot of resources and dedication.
Noteworthy, insecure apps are the most significant blight on all mobile systems, and cryptocurrency just happens to be one of these systems. Cryptocurrency apps deal with money that isn’t easily locatable or retrievable, so; it could be important to be a little more cautious.