gadgets

Smartphone text prediction guesses crypto hodler’s seed phrase

1200 aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDUvYzVjYTAwZGQtNTM4NS00OGRhLTlkYzUtYTIxYjFkOTJiMjhhLmpwZw

Seed phrases, a random combination of words from the Bitcoin Enhancement Protocol (BIP) 39 2048-word list, act as one of the primary layers of security against unauthorized access to a user’s crypto assets. . But what happens when your “smart” phone’s predictive input remembers and suggests the words the next time you try to access your digital wallet?

Andre, a 33-year-old IT professional from Germany, recently posted to the r/CryptoCurrency subreddit after discovering his cell phone’s ability to predict the entire recovery seed phrase as soon as he typed the first word.

As a fair warning to fellow Redditors and crypto enthusiasts, Andre’s post highlighted how easily hackers can use the feature to drain a user’s funds simply by being able to type in the first word of the list BEEP 39:

“It makes it easier to attack, get your hands on a phone, start any chat app and start typing any word from the BIP39 list, and see what the phone suggests.”

Speaking to Cointelegraph, Andre, otherwise known as u/Divinux on Reddit, shared his shock when he first saw his phone literally guessing the 12-24 word seed phrase. “At first I was stunned. The first words might be a coincidence, right?”

READ MORE:  Not enough Americans taking advantage of government assistance to pay COVID-19 funeral costs

As a tech-savvy individual, the German crypto investor was able to replicate the scenario where his cellphone could accurately predict seed phrases. After realizing the possible impact of this information if it got into the wrong hands, “I thought I should tell people about it. I’m sure there are others who have also typed seeds into their phones.

André’s experiments confirmed that Google’s GBoard was the least vulnerable because the software did not predict every word in the correct order. However, Microsoft’s Swiftkey keyboard was able to predict the seed phrase right out of the box. The Samsung keyboard can also predict words if “Auto-replace” and “Suggest text corrections” have been manually enabled.

READ MORE:  FDAnews Announces Selecting and Implementing Electronic Document Management Systems in the EU Management Report

Andre’s initial stint with crypto dates back to 2015 when he momentarily lost interest until he realized he could purchase goods and services using Bitcoin (BTC) and others. cryptocurrencies. His investment strategy is to buy and stake BTC and altcoins such as Terra (LUNA), Algorand (ALGO) and Tezos (XTZ) and “then average the dollar cost in BTC when/if they moon” . The IT professional also develops his own coins and tokens as a hobby.

A security measure against possible hacks, according to Andre, is to store large, long-term assets in a hardware wallet. To Redditors everywhere, he advises “not your keys or coins, do your own research, don’t do FOMO, never invest more than you’re willing to lose, always check the address you’re sending to , always send a small amount beforehand and deactivate your PM in the settings”, concluding:

“Make yourself a solid and prevent this from happening by clearing your predictive type cache.”

Related: STEPN Impersonators Steal User Keyphrases, Security Experts Warn

Blockchain security firm PeckShield has warned the crypto community about a large number of phishing websites targeting users of the Web3 lifestyle app STEPN.

As Cointelegraph recently reported, based on findings from PechShield, hackers insert a forged MetaMask browser plug-in through which they can steal seed phrases from unsuspecting STEPN users.

READ MORE:  Smartphone camera partnerships don't result in better photos

Access to the seed phrase ensures full control over the user’s crypto funds through the STEPN dashboard.