How do you lose all your money in a moment?
Did you read the headline? Surely you are convinced that such a fate will always pass you by... I think everyone who woke up and suddenly saw zeros in their wallets thought so too :)
The reasons for losses vary: an exchange blocked your account, or hackers stole all your crypto by breaking into your MetaMask, etc.
And that's why I wrote this mini guide, so that you, my beloved subscriber, never have to face a sudden loss of all your money. Make sure you read it all the way to the end (if you want to make sure your savings are safe). Let's go.
Cold Wallets
Naturally, hardware wallets are considered the safest way to store crypto. You must have heard about Ledger, which many consider the most convenient and safest wallet. Well, not so fast. Crooks can easily take your money from there as well.
First, the obvious: you might end up with a compromised Ledger if you order it from God knows where. That's how they steal millions... They come to their crypto friends' birthday parties and give them a Ledger, having learned the seed phrase beforehand, and then take all the money out of it. But that's not the point right now...
!!! EthClipper attack !!!
Developers of cold wallets say with one voice that there is no way to steal your crypto, even when the wallet is connected to a virus-infected computer. But that's not so... Let's imagine that you need to transfer crypto, for example, from a Ledger to your own Binance account. You copied your wallet address from Binance, pasted it into the interface, confirmed on the Ledger, and now wait for the money to appear on the exchange. By the way, here is what the interfaces of different hardware wallets look like at the moment of transaction confirmation.
You wait and wait, but the crypto doesn't arrive. The transaction seems to be confirmed on the blockchain already, but nothing appears on the balance. I don't want to upset you, bro, but nothing will appear there ;) Your money was stolen. How? For now, just look at the picture below and try to work it out.
In short... First, you catch a virus on your computer, which can even be hidden inside an ordinary .pdf file. It sits on your computer, waiting for the right moment. When you're about to transfer crypto somewhere, in 99% of cases you have to copy the recipient's address from somewhere; you're not going to type a long wallet address by hand. The virus sees that you have someone else's crypto wallet address on the clipboard. In a split second, it sends a request to ClipperCloud (which has a huge collection of fraudsters' wallets) and looks for a visually identical address in the pre-gathered database. As a rule, it is enough that the first and last 4-5 characters coincide with the real wallet address (the chance that you will notice is 1%). Then the clipboard contents are swapped, and you end up pasting the address of a completely different wallet. Finally, unsuspecting, you confirm the transaction on the Ledger and that's it... the money has gone to the scammers.
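A check that defeats this swap has to compare the whole address, not just its ends. The sketch below is an added example, not part of the original post; the addresses are constructed and the function names are hypothetical. It shows that an "ends only" comparison passes for a swapped address while a full comparison flags it as a lookalike.

```python
# Added example: full-string check of a pasted address against the intended one.
# Addresses are constructed; function names are hypothetical.
HEX = set("0123456789abcdef")

def normalize(addr):
    """Trim and lowercase (case carries only the optional EIP-55 checksum)."""
    return addr.strip().lower()

def is_eth_address(addr):
    a = normalize(addr)
    return len(a) == 42 and a.startswith("0x") and set(a[2:]) <= HEX

def edges_match(a, b, edge=4):
    """The eyeball check a clipper is built to pass: compare only the ends."""
    a, b = normalize(a)[2:], normalize(b)[2:]
    return a[:edge] == b[:edge] and a[-edge:] == b[-edge:]

def check_pasted(intended, pasted, edge=4):
    """Return 'match', 'lookalike', 'different' or 'invalid'."""
    if not (is_eth_address(intended) and is_eth_address(pasted)):
        return "invalid"
    if normalize(intended) == normalize(pasted):
        return "match"
    # Same ends, different middle: the swap described in the text.
    return "lookalike" if edges_match(intended, pasted, edge) else "different"

def grouped(addr):
    """Split into 4-character groups for reading against the device screen."""
    body = normalize(addr)[2:]
    return "0x " + " ".join(body[i:i + 4] for i in range(0, len(body), 4))

# Constructed sample: same first and last 4 characters, different middle.
INTENDED = "0x7a3f" + "9c1e5b2d4a6f8c0e1b3d5f7a9c2e4b6d" + "81c4"
SWAPPED = "0x7a3f" + "0d4b7e2a9f1c6e3b8d5a0c7f2e4b9a16" + "81c4"

if __name__ == "__main__":
    print(check_pasted(INTENDED, SWAPPED))
    print(grouped(INTENDED))
    print(grouped(SWAPPED))
```

The intended address should come from a source the clipboard never touched, such as an address book entry saved earlier or the exchange page read on a second device.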
Social Engineering
Fast forward to one of the super-effective ways to get you to download that very pdf with the virus... social engineering.
Imagine that you are an ordinary office worker, an accountant in a small company, who in his spare time trades crypto and dreams of a better life.
But at some point, you start getting cyberbullied on all the social networks by some anonymous person. He leaves negative comments, teases you in every way, hurts you, writes all sorts of nastiness, insults you, etc.
It would seem easy to get rid of this type: just block or ignore him. But no, he creates new accounts; he already knows your phone number and spams you in messengers. He knows your address and orders all sorts of couriers to visit you late at night. In short, he doesn't let you live in peace, and you can't do anything about it. You don't know where to turn. You can't work or rest calmly. You are emotionally exhausted.
And suddenly another person writes to you, someone who has also encountered similar cyberbullying. At first he couldn't do anything about it either, just like you, but then he found a solution. You correspond on a common topic, you talk, he helps you get rid of that very annoying type, a connection forms between you, and trust grows. He sends you a pdf, and you download it to your computer, open it, read it, and a week later you lose your bitcoins.
Non-custodial wallets (Metamask, Trust Wallet, etc.)
Once again, an abrupt transition. Now that we've dealt with cold wallets, let's talk about ways to steal dough from non-custodial wallets.
- Connecting apps (sites) with excessive permissions to use funds
- Compromise of the seed phrase
- Malicious smart contract (which sets unlimited spending limit)
- A fake failed-transaction notification (prompting you to re-sign a contract, this time a fraudulent one)
- Counterfeit tokens on DeFi site purchases
- Exploits of browser extensions (which gain control over other extensions, i.e. MetaMask, for example)
Here, in fact, are the most frequent reasons for losing money. To be honest, I don't really want to dwell on this, because there is a lot of information out there about how crypto is stolen from MetaMask. I think everything is clear here. The main thing is to be careful: don't confirm requests on every site, don't disclose your seed phrase, etc., from the main wallet where the millions are.
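To make the "unlimited spending limit" item concrete, the sketch below decodes the calldata of a transaction a site asks you to sign and classifies token approvals. It is an added example, not part of the original post: the sample calldata and spender address are constructed, and it covers only the standard ERC-20 `approve(address,uint256)` and NFT `setApprovalForAll(address,bool)` calls.

```python
# Added example: flag token approvals in calldata before signing.
# Sample calldata and the spender address are constructed.
HEX = set("0123456789abcdef")
APPROVE = "095ea7b3"               # selector of approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # selector of setApprovalForAll(address,bool)
MAX_UINT256 = 2**256 - 1

def inspect_calldata(data_hex, intended_amount=None):
    """Classify calldata; amounts are in the token's smallest unit."""
    data = data_hex.strip().lower()
    if data.startswith("0x"):
        data = data[2:]
    selector, args = data[:8], data[8:]
    known = selector in (APPROVE, SET_APPROVAL_FOR_ALL)
    if not known or len(args) != 128 or not set(args) <= HEX:
        return {"kind": "other", "risk": "unknown"}
    spender = "0x" + args[24:64]   # address is the low 20 bytes of word 1
    value = int(args[64:], 16)     # word 2: the amount, or a bool
    if selector == SET_APPROVAL_FOR_ALL:
        risk = "all-tokens" if value else "revoke"
        return {"kind": "setApprovalForAll", "spender": spender, "risk": risk}
    if value == 0:
        risk = "revoke"
    elif value == MAX_UINT256:
        risk = "unlimited"         # the spender can drain the whole balance
    elif intended_amount is not None and value > intended_amount:
        risk = "excessive"         # more than this purchase needs
    else:
        risk = "bounded"
    return {"kind": "approve", "spender": spender, "amount": value, "risk": risk}

# Constructed samples.
SPENDER_WORD = "00" * 12 + "ab" * 20
UNLIMITED = "0x" + APPROVE + SPENDER_WORD + "ff" * 32
BOUNDED = "0x" + APPROVE + SPENDER_WORD + format(1000, "064x")
APPROVE_ALL = "0x" + SET_APPROVAL_FOR_ALL + SPENDER_WORD + format(1, "064x")

if __name__ == "__main__":
    for sample in (UNLIMITED, BOUNDED, APPROVE_ALL):
        print(inspect_calldata(sample, intended_amount=1000))
```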
Centralized exchanges
And here it is already much more interesting.
First, any exchange can suddenly ask for additional checks, KYC, etc. And then it may consider your account suspicious and block withdrawals until you explain where the funds on your balance came from. This fact alone can push many people to stop using centralized exchanges like Binance, Coinbase, ByBit, etc. altogether.
If we talk about scammers, they also have a lot of ways to gain access to your account and withdraw all your money.
For example, SIM card spoofing is one of the most popular. Pulling off a SIM jack and receiving the SMS to log in to your account at the exchange is not the most difficult task for advanced hackers. The password can be hacked or, if you use the same password across all your sites and services, simply found. Your email isn't hard to dig up either. And for anyone who is good at OSINT, searching for this information is no problem at all. By the way, check out the Have I Been Pwned service, which you can use to check whether your email has ended up in the public domain or not.
There is also always the risk of catching a keylogger on your computer. For those not in the know, this is a virus that reads keystrokes. That is, all the logins and passwords that you type on the keyboard at Binance will end up in the hands of fraudsters.
And a keylogger is only half the trouble. They can just as easily plant software that records your screen and steals not only logins and passwords, but also all kinds of photos, videos, other personal data, etc.
It often happens that seed phrases or logins and passwords are photographed on an iPhone or put in the notes on an iPhone. At the same time, the person has automatic synchronization with iCloud, which requires only an email and a password to hack... As you can already understand, this is not a problem at all for pro hackers. It's the same story with Google Drive and Google Docs.
How to protect yourself from losing money
- First, read these 25 points, going into each one.
- Don't forget that blockchain.info, TrustWallet, MetaMask and other non-custodial wallets are just interfaces.
- About cold wallets. Personally, I don't trust Ledger or Trezor. There is a hardcore version of BitLox Ultimate, which is literally packed with security features, passes traffic through Tor, and has several levels of encryption.
- If you're going to keep billions, make a cold wallet yourself. For example, from an old smartphone. You can make a cold wallet with Electrum and route all the traffic through Tor.
- Always check the contract before signing. Do not confirm unlimited withdrawal of crypto from the wallet, etc. Better yet, don't use your main wallet for signing anything at all; create separate wallets for that and keep small amounts there.
- Don't let the device with the wallets physically fall into the hands of intruders. Or, at the very least, encrypt the drives with VeraCrypt.
- Always double check the address you copied to the clipboard. Clipper does not forgive mistakes.
- Use an open-source password store and OpSec services. Stay up to date with the latest anonymity and privacy technologies.
- The easiest way is to buy a Mac. After all, 99% of malware thefts occur on Windows.