Could Your Wallet Be Next? How to Keep Your Crypto Safe
Hot wallets are getting less and less safe
Hey there,
If you own a hot wallet (i.e. one that is always connected to the internet), it’s most probably time to reconsider your options. There have been 2 wallet hacks that occurred this week, which were most likely due to some vulnerabilities in the wallet apps themselves.
The Top Story: Your private keys aren’t safe
The first that occurred was Edge Wallet, where 2,000 private keys were leaked and 5 figures worth of crypto (in USD) were stolen.


This was due to a vulnerability where a user who made a purchase via one of Edge’s on-ramp partners resulted in their private keys being exposed.
If this user uploaded their logs to Edge’s servers, the private keys would leave the mobile phone.
As a result, someone who has access to these private keys could then transfer the funds out of the users’ wallets and into their own.
A private key is the password to your crypto wallet. Anyone who has it will be able to gain full control of the funds in your wallet!
This incident seems eerily familiar to the Slope wallet hack which happened just a few months ago.


There were vulnerabilities which resulted in Slope wallet uploading users’ mnemonics (or seed phrases) to their servers. These were not encrypted and allowed the hacker to drain about $4.1 million worth of funds from these users!
These 2 incidents highlight the risks of having your seed phrase or private key stored on a hot wallet. These are always connected to the internet and increases the risk of them being compromised by hackers.
I recently did a video about the Edge Wallet hack which you can find out more about it here.
MyAlgo was hacked too
Another crypto wallet, MyAlgo, had around $9.6 million worth of funds being drained from users’ accounts.

However, MyAlgo still does not know what was the cause of this hack.

It could be that a leak resulted in the mnemonics of these wallets being exposed as well, resulting in these users’ wallets being drained.
Do let me know if you are still confused by what’s happening, as I feel that their communication is rather poor.
Are hardware wallets the answer?
Hardware (cold) wallets are more secure compared to hot wallets, where they keep your seed phrases and private keys offline.
It is not exposed to the internet at all, so it makes it much less susceptible to hacks.
However, just having a hardware wallet isn’t the be all and end all. Ultimately, you will still need to keep your seed phrase secure, which still involves keeping it in a safe place.
If you keep a digital copy of your seed phrase, it can be considered as being compromised!
You can check out my video here where I explained this mistake I made with my new Ledger wallet.
I would highly recommend you to get a hardware wallet if you have > $1k worth of crypto assets.
While they may seem very complicated, these wallets are quite straightforward to set up and use for your daily transactions.
If you’re new to hardware wallets, do feel free to let me know some questions you have!
Other top news of the week
Apart from these crypto wallet hacks, here are some other fascinating stories from the past week:
#1 Coinbase suspends BUSD 🛑
You will no longer be able to trade BUSD on Coinbase after they deemed that this stablecoin does not meet their listing standards.

This may be rather concerning, but could it also be a targeted attack on Binance?
An article was also published by Forbes claiming that some of the Binance-Peg tokens being issued did not have enough collateral, which CZ had to come out and claim that the allegations are false.
It’s still hard to say whether Binance is truly safe, but to be better safe than sorry, you may want to withdraw all your funds from the platform, as well as any other centralised exchange.
#2 Account Abstraction makes waves on Ethereum
This could be a huge advancement in crypto adoption, with Vitalik seeing it as a gamechanger for Ethereum.


The entire concept is rather confusing, but account abstraction enables the development of smart contract wallets.
One of the main use cases is that you do not need to just rely on seed phrases and private keys to secure your wallet.
The Argent wallet already has a feature called Social Recovery, where you can share an encrypted version of your seed phrase with your friend. If you lose your private key, then you can get your friend (AKA guardian) to recover your wallet for you!
There are lots of applications of smart contract wallets, and hopefully this will spur greater adoption of crypto wallets.
#3 Polygon ID launches
There’s yet another new feature released by Polygon, with it claiming to be the first zero-knowledge-based digital ID tool.

This will allow you to verify your identity without any information being stored by a third party!
Remember all of the face scanning or uploads of our IDs that we had to do while signing up for an account on a centralised exchange? This could be a thing of the past with this latest tech.
#4 Solana’s down YET again
It’s just gotten worse for Solana after they faced another outage, but could not find the root cause of it.

It’s not looking good for Solana after they suffered 11 major and 3 minor outages in 2022.
#5 Trezor makes their own chips
This hardware wallet no longer needs to rely on third-party chipmakers as they are now building them in-house.

This could make Trezor more secure as it reduces the risk of its chips being compromised when it is manufactured by an external vendor.
Scam Spotter
I've come across some scams recently, and I want to help you spot them too. Here are some details you can look out for before clicking any links.
#1 Fake Optimism Airdrop
This tweet was advertising a second wave of the OP token airdrop.
Although the Twitter name is similar to the official Optimism account, the username being used was @Herzog_99.
The official username of Optimism is “@optimismFND”.
Clicking on the link resulted in this webpage that was rather poorly designed.
This would have been a phishing site that aimed to get you to connect your wallet, and then accept a token approval, which could have drained the funds in your wallet.
#2 Fake Email Scams
Received any messages from Trezor saying that your wallet is compromised?
This is most likely a scam as they may be looking to get hold of your seed phrase or private key via a phishing site.


In a similar scam, a hacker accessed the laptop of an employee of The Sandbox, and he sent emails to its users to redirect them to a phishing site.

This site contained some malware which could give third-party control over the user’s computer if they installed it.
Hot Deals
Check out these exciting deals I discovered that you might want to take advantage of!
#1 Free Unstoppable Domains
Unstoppable Domains is giving out free Web3 domains if you deposit $10 into your wallet created with OKX wallet.


I’ll be trying this out and will be making a YouTube video about it once I’ve done so!
#2 Get 1 USDC when you deposit > $10 USD worth of assets to Robinhood wallet
The Robinhood wallet is now publicly available after being invite-only for a few months.
To qualify, you’ll need to:
Download and either import / create a Robinhood wallet
Deposit at least $10 worth of any of these supported assets in 1 transaction (either Polygon or Ethereum network)
I would suggest sending over $10 worth of MATIC via the Polygon network, due to lower gas fees on Polygon vs Ethereum.