Do you watch TikTok? Change your crypto wallet immediately + another 18 ways to protect your assets

Federal Communications Commission (FCC) in the USA stated that China uses TikTok to collect users’ data. In particular, the app tracks account information, search history, location, and other data.

You are probably one of those who likes to watch funny videos on TikTok. However, we hasten to disappoint you; in the long term, it can be why your cryptocurrency wallet gets hacked. Do you need it? We didn’t think so. 

TikTok leaks users’ data

To operate successfully, TikTok gathers a lot of data. You may argue that Facebook and Google also collect users’ data, but there is one big difference — TikTok is a product created in China. According to FCC chairman Brendan Carr, it’s a problem because China has a national security law that compels every entity within its jurisdiction to aid its espionage and what they view as their national security efforts. 

China could inject the data into its artificial intelligence systems and compromise users. Therefore, the FCC recommended removing TikTok from all app stores. Overall, according to the statement, the application collects.

• biometric identifiers, including facial and voice recognition;
• location data;
• search history;
• any content created through the platform;
• message drafts;
• metadata;
• information stored on the clipboard, including text, images, and video.

That’s why Reddit user KirbyAteMyCoin says if you use TikTok and crypto, you should change all your wallets immediately. Move your assets to new wallets as the possibility of TikTok acquiring your seed phrase and a ton of other personal data is, and I can’t stress this enough, VERY HIGH. 

The most common attacks on cryptocurrencies

In the case of TikTok, your data can be stolen from your phone anytime because the app collects all information and sends it directly to the Celestial Empire. However, it is essential to secure wallets from the Chinese eye and ordinary hackers, constantly inventing new tricks to get data from cryptocurrency wallets and steal users’ funds. Here are some of them. 

• Phishing. Scammers make a copy of the site promoted exchanger or exchanger. The site is only slightly different in address and is a “fake,” a copy with almost nothing working except an API for transferring money. An inattentive investor enters the personal data on the copy-site an then either transfers the cryptocurrency to scammers, or scammers read the data and passwords of his wallet and then transfer the coins themselves.
• Shady exchangers and exchanges. It is enough to offer investors lower commissions or additional “perks” to draw them to their side. After collecting enough cryptocurrency, the exchange or exchanger “accidentally” goes bankrupt.
• Fake apps. Attackers also create copies of existing apps by adding malicious code. There have also been cases where attackers have made “new” counterfeit apps for platforms that do not have mobile or desktop versions.
• Stealing the locally stored passphrase or private key used by crypto wallet apps. To resolve, experts typically recommend application-level encryption to protect locally stored data, no matter where the data resides, i.e., internal to the app itself, in preference areas, or clipboards.
• Harvesting passphrase or private key dynamically. Performed when the user enters values into the cryptocurrency wallet application.
• MiTM (Man-in-the-Middle) attacks on crypto apps. A type of attack in cryptography and computer security where an attacker covertly retransmit and, if it is necessary, alters the communication between two users who believe they are directly communicating with each other.
• Cryptojacking and emulators with crypto wallet apps. It is used to take over the computing power of a mobile device and use it for crypto-mining. To protect against this class of attacks, it is recommended to use runtime application self-protection (RASP) techniques, in particular, protection against unauthorized access, protection against debugging, and protection against emulators.

How to protect your currency

It’s impossible to protect anything completely, but several simple tips can help reduce the risk of virtual asset theft. 

• Use cold a cryptocurrency wallet that cannot be compromised because it is not connected to the internet, hardware-based cryptocurrency wallets.
• Carefully check the addresses of any sites that require a password.
• Use two-factor authentication.
• Verify the recipient’s wallet address when sending a transaction.
• Don’t use the same password on different sites.
• Don’t keep passwords on your computer or flash drive unencrypted. There are special programs for that, but you can do without them. At the very least, encrypt your passwords yourself and remember the key to the “decryption.” For example, there are three passwords “8jh73Gd9”, “jkEH7hfe”, and “H8f9j8FJ”. You leave them as they are, but in your mind, remember that the correct sequences are as follows: “8Ch73Gd9”, “jCEH7hfe”, and “HCf9j8FJ”. As a result, the password owner only needs to know the second character, avoiding remembering the whole thing. This method is primitive, but it’s better than nothing.
• Use a device not used for everyday Internet surfing for financial transactions. Explore the possibility of offline transactions.
• Don’t neglect your phone and email tethering.
• Don’t connect to public hotspots like Wi-Fi in coffee shops for financial transactions.
• Don’t keep correspondence about financial transactions and investments.
• It’s better to split one significant transaction into several so as not to attract the attention of “blockchain monitors” who “scatter the dust.” it’s about a dusting attack when an attacker sends small amounts of crypto to wallet addresses in the hope of tracking them and later executing a phishing attack
• Store cryptocurrency in different wallets.
• Don’t forget to back up your wallets and two-factor data. Store copies in an encrypted archive on a device not connected to the Internet.
• Install AntiPhishing app code or its analogs if the platforms you use support such functionality.
• Set up IP whitelisting for login if the platforms you use support such functionality.
• Always research cryptocurrency wallets before installing them on your phone, even if they’re listed on the app store.
• Always perform regular security updates on your operating system.
• Don’t enter your seed words on any website a series of words generated by you cryptocurrency wallet that gives you access to the crypto associated with that wallet.

Today’s crypto hackers are not limited to stealing a single password. They ferret out all the necessary data, including email passwords, and even bypass the two-factor authorization of crypto exchanges. Be careful, guys!