Identity theft always feels like someone else's problem until it happens to you. Offline backups, firewalls, and anti-virus software hardly feel necessary until you're the one on the phone with your bank trying to explain that it wasn't you that bought $150 worth gas, $500 worth of BestBuy gift cards, and $1000 worth of lottery tickets. Imagine how much worse it would be if your bank was merely a digital ledger in which transactions made in bitcoin or another cryptocurrency are recorded chronologically and publicly. Well, now you can!
Thanks to researchers from Positive Technologies, we now know exactly how easy it is for hackers to infiltrate Bitcoin wallets. In a short, albeit telling video from the company, a researcher demonstrated the process through which a hacker could steal the cryptocurrency. And, unfortunately for Bitcoin users, the process takes a little bit less than three minutes.
This is bad. Sure, Bitcoin and blockchain are touted as perhaps the most secure form of currency ever. However, if you store a secure form of currency in an overwhelmingly vulnerable place, the only person whose money is secure will be the hackers'. And while the two-factor authentication via SMS is considered convenient, it's security leaves more than something to be desired.
“We work in close coordination with telecom operators to discover threats before hackers do, in order to protect subscribers,” said Dmitry Kurbatov, Head of telecommunications security department at Positive Technologies in a press release. “Exploiting SS7 specific features is one of several existing ways to intercept SMS. Unfortunately, it is still impossible to opt out of using SMS for sending one-time passwords. It is the most universal and convenient two-factor authentication technology. All telecom operators should analyze vulnerabilities and systematically improve the subscriber security level.”
Yes, technology is designed to make life easier, more convenient, and more accessible. However, when it comes to money, particularly in the form of “secure currency,” technology isn't making things easy. Against our instincts, it might be time to start focusing on security before innovation, at least when it comes to the dollars that keep innovation rolling.