We all know how exchanges can and will get hacked at one point or another…
But that made me wonder, are there hacker collectives or anything actively searching to hack software wallets? Or at least find flaws in their designs?
Or is this just me being in need of the weekend, and is it a stupid question?
#asknostr
IMHO the most probable attack vectors would not be a security hole in a well established software wallet itself:
- Well known software wallets usually are open source, so bugs get fixed quickly if well maintained. Then there are just too few potential victims who run the vulnerable version, so a mass exploit would usually not be worth the effort.
- I think the most probable attack vectors are the following 3:
1) They make you download or install a tampered or malicious version of a software wallet
2) They try to infect your OS and use your wallet as if you were using it (like sending a transaction to their own address, extracting your private key, keylogger...)
3) The target is you by "social engineering", blackmail, threat you, or making you become friends, trust them, pretending to help you. So you deliberately give them your seed like putting in on their phishing website.
