Blog

How To Protect Your Solana Non-Custodial Crypto Wallet From Getting Hacked

Secure castle on a mountain

How To Protect Your Solana Non-Custodial Crypto Wallet From Getting Hacked

Learn tips to keep your Solana crypto account secure.

6/5/2022

Non-Custodial Wallet

Solana

NFT

Can Solana Non-Custodial Wallets Get Hacked?

All devices in the world are susceptible to getting hacked. When a device becomes hacked, all of its content becomes accessible to the hacker. This means that Solana crypto custodial and non-custodial wallets could become accessible to hackers if they gain access to the device holding the private keys.

Crypto blockchains are extremely secure by design, and the underlying cryptography protecting the Solana blockchain cannot be hacked. The vast majority of Solana crypto wallet hacking is a result of user error where the user somehow enables hackers to gain access to their device.

Solana crypto wallets are super secure on their own. The cryptography protecting the Solana blockchain is so strong that it would take all of the supercomputers in the world well over 100 years just to crack a single account. The cryptography protecting Solana is about the same as the cryptography protecting Ethereum and Bitcoin - neither of which has any notable examples of cryptography hacks in a combined 20 years of operating.

Most crypto wallet hacks result from three common issues:

  • Viruses and malware
  • Easy to guess passwords and seed phrases
  • Disclosing secret seed phrase to others

We will cover the basics on how to keep your Solana non-custodial crypto wallet secure and safe from getting hacked.

Tips To Keep Your Solana Non-Custodial Crypto Wallet Safe

Safeguard your login data

Keep your login details safe and do not share them with anyone. This includes both your Avana Account and your secret account seed phrase. Always use a strong password that includes upper and lower-case letters, numbers and special characters. Longer passwords are more difficult to guess (always use minimum of 8 characters).

Avana Wallet Solana crypto account password

Hackers typically keep a long list of common passwords. They use these lists to try to crack passwords quickly - some password crackers can check more than 100,000 passwords in less than a second. You can make your password harder to guess by using random letters, symbols and numbers. For example, Password123! is easier to guess than Pas$w0*2md8382^%@. A password cracker might be able to guess Password123! , but it will not be able to guess Pas$w0*2md8382^%@.

Hard to guess passwords are also hard to remember. One way you can make your life easier is to use a password manager. We recommend the following password managers:

Many web browsers offer to store your password details to make logging in easier. Be aware that any random person with access to your device is then able to login to your Solana crypto wallet if your password is stored in your browser. We do not recommend storing your password for your Solana non-custodial account in your web browser.

Double check the website

Many scams exist in crypto. Impersonator sites try to emulate real sites in order to get you to sign transactions with your Solana non-custodial wallet. These sites can take all the proceeds in your wallet if you sign a transaction authorizing it.

Sites can also install malware on your computer that logs your keystrokes or enables hackers to gain access. Your device can become infected with malware by simply clicking on a bad link. Be very careful clicking on random links in emails, text messages, chat forums, Discord servers, etc.

Most search engines do a terrific job of filtering out harmful sites, but many bad sites can make their way past the guardian gates. Many sites try to look like the actual site to get you to click on the link. For instance, some page one results for the search term "magiceden", the popular Solana NFT marketplace, linked to scam sites for several weeks in 2022.

Even trusted sites can get hacked, and the hacker can instruct the website to load malware on your computer.

Use two-factor authentication

A study by Google in 2019 showed that two-factor authentication is one of the most effective ways of stopping hacker attacks. Two-factor authentication adds an additional step in your usual log-in process by requiring a unique dynamic code to be verified. Two-factor authentication is the greatest defense between a hacker and your Solana crypto account data.

Google's report showed that two-factor authentication messages prevented 100% of automated bot attacks that used common passwords lists and 96% of phishing attacks that try to steal your password.

Google Account Security

Source: Google

Two-factor authentication requires you to have access to the authentication device. A hacker who has access to your computer is not able to access your Solana crypto account unless that hacker also has access to your authentication device.

Avana Wallet enables you to activate two-factor authentication to protect your Solana non-custodial crypto wallet. Read more about setting up two-factor authentication for your Solana crypto account.

Avana Wallet two-factor authentication

Watch out for suspicious emails and text messages

Many hackers engage in a practice known as phishing, in which they try to trick crypto account holders to reveal their crypto account secrets. Phishing attempts usually include a message and a link to a site that tries to install malware on your device or gets you to reveal your Solana crypto account secrets.

Never click on links from persons or companies you do not know. Also, be aware that even people you know could have been hacked and an intruder could use their email address to send you messages. Look at the link address before clicking it.

Hackers also try to impersonate legitimate companies to get users to reveal their crypto account secrets. Avana Wallet will never ask you for your Solana account credentials or secrets - never reveal these secrets to anyone.

Do not install software from unknown sources

Several websites online advertise free software to download. This software may have a hidden cost - it could install malware on your device. Always do your own research and trust the publisher before downloading and installing software from the internet.

Use anti-virus and malware protection software

Install anti-virus and malware protection software to scan your device. Popular software includes:

Keep your anti-virus and malware protection software updated and run scans often. Be aware that studies have shown that anti-virus and malware protection software are only effective at identifying about one-third of viruses. This means that your device could be infected and your software does not catch it.

Install browser extensions to Safeguard your computer

Most internet viruses and malware use JavaScript to hijack your computer. JavaScript is an essential part of the internet today - it enables many of the cool and modern programs we are accustomed to using. Most Web3 dapps, including Avana Wallet, use JavaScript to enhance the user experience. The vast majority of sites using JavaScript are safe, but several bad actors use JavaScript to infect your computer.

JavaScript can be dangerous because it allows remote websites to install and run code on your local device. JavaScript code can be designed in a way to hijack your computer. Your computer can become infected by a site using malevolent JavaScript by simply visiting the site's homepage. The hacker gets one step closer to hacking your crypto account if your device holds your Solana crypto keys.

A popular plugin that restricts JavaScript is called No-Script. No-Script blocks most JavaScript from executing on your computer unless you grant the site permission to load the code. The plugin takes a little extra work to use, but it's like an insurance policy that will keep your Solana non-custodial wallet safe from hackers. You can download No-Script for Firefox and Google Chrome.

A Web3 crypto account plugin called Wallet Guard is specifically designed to protect a broad range crypto wallets including Solana crypto wallets. Wallet Guard is free for a one-week trial and available for download at Google Chrome. Read more about Wallet Guard on Twitter in this thread.

What Happens If Your Solana Non-Custodial Crypto Wallet Gets Hacked?

Transactions made after your wallet gets hacked are not reversible or refundable. Crypto account transactions are not reversible by design - this feature is what makes the network strong and censorship-resistent. There is no centralized authority who can refund your Solana SOL, crypto tokens or NFTs.

The best action you can take when you notice your crypto account has been hacked is to create a new crypto account and transfer all remaining funds to that new account. You should create the new account using a different device in the event your current device is compromised by a hacker. You should strongly consider completely reinstalling your operating system on your computer or mobile device to prevent hackers from continuing to access your device.

You can notify crypto exchanges about the hack, and post the address online. This helps others link that account to stolen proceeds.

Which Solana Non-Custodial Wallet Is The Safest?

Avana Wallet is among the safest wallets in our opinion 😊 - we designed Avana Wallet from day one with security as a top priority. Your Solana self-custody crypto keys are wrapped in several layers of encryption. Avana Wallet never has access to your private keys, nor does anyone else unless you tell them your secret credentials or your device gets hacked. If a hacker gains access to your device, they will need several encryption keys to unlock your Solana non-custodial wallet secrets.

Solana crypto wallets differ - the level of safety depends on how the developers designed the code. The concept is similar to automobiles - some cars are designed safer than others. Our designers have prioritized security into the code.

Hardware Wallet Storage (Cold Wallets)

Hardware wallets are great options to keep your crypto private keys off your device. This means that even if a hacker has compromised your device, the hacker is not able to get access to your crypto account private keys. Avana Wallet fully supports Solana hardware wallets including the Ledger Nano S, Ledger Nano S Plus, and Ledger Nano X.

Ledger hardware wallets are supported by Avana Wallet

Hardware wallets provide an extra layer of security, but they can be less convenient because you have to carry them everywhere. Hardware wallets makes using mobile payments such as Solana Pay more difficult than a hot wallet. Also, hardware wallets can become lost, stolen, and broken.

Read more about how to use a Solana hardware wallet with Avana Wallet. We recommend using both a hot wallet and a hardware wallet to store your Solana crypto. You can treat your hardware wallet like a bank savings account, and your hot wallet like a bank checking account.

NFT Minting Scams

Several scammers setup fake NFT minting sites that try to steal your Solana crypto account keys. Be very careful when you go to NFT minting sites. The growing popularity of NFTs and NFT marketplaces also means there is a growing number of NFT scams.

Discord Scams

Several scammers target Discord servers. Always check links before clicking on them. The Bored Ape Yacht Club Discord server was recently hacked for over $300,000. The hack took place after the project's community manager had his Discord account compromised. The hacker then used the account to post phishing links in both the official BAYC channel and another related channel.

Scammers may DM you, or use bots that try to get you to click on malware links. Do not click on links from people you do not recognize. Also, do not automatically trust links from bots.

Conclusion

Solana non-custodial crypto wallets are very safe as long as you take security precautions to protect your device. Always check links before you click on them, and use software to check for viruses and malware regularly. Remember that you should never disclose your Solana crypto account secrets to anyone.

Resources

Solana
Ledger Hardware Wallet
Avana Wallet Documentation - Security
MetaMask Users Targeted By Phishing Attack Impersonating Popular Metaverse Projects

Upgrade your Solana wallet today

Download

Download Avana Wallet extension for Chrome Browser. New and modern Solana non-custodial crypto wallet

Chrome

Download Avana Wallet extension for Brave Browser. New and modern Solana non-custodial crypto wallet

Brave

Download Avana Wallet extension for Firefox Browser. New and modern Solana non-custodial crypto wallet

Firefox

Download Avana Wallet extension for Edge Browser. New and modern Solana non-custodial crypto wallet

Edge

© 2022 Avana Wallet LLC