Malware, a persistent thorn in the side of the internet’s wider community, has become an increasing concern for cryptocurrency users. A problem that comes in many forms, malicious software is leveraged by hackers to rob community members of their funds. One program, dubbed the clipboard hijacker, for instance, operates by secretly gaining control of a Windows device’s running memory. It then replaces the Bitcoin address copied into a user’s clipboard with the address of the attacker, leading the user to unwittingly transfers funds to the hacker.
New Jersey–based BlockSafe Technologies is determined to make mobile crypto wallets more secure with a mobile wallet protection app called the CryptoDefender. According to the company, the CryptoDefender mobile app proactively prevents keylogging malware from stealing your cryptocurrency wallet login details.
The mobile app, which has a desktop version, is loaded with a host of features including a password generator that creates and stores strong passwords, a password vault for encrypting and storing passwords securely, a secure browser and an OATH-complaint one-time password (OTP) generator for websites that allows for two-factor authentication.
Proactive Defense
George Waller, who serves as the CEO of BlockSafe and the co-founder of cybersecurity outfit StrikeForce Technologies, played a pivotal role in introducing out-of-band authentication and keystroke encryption to the marketplace. He has also held management roles at RxRemedy, TeachMeIT and HealthSCOUT.
Speaking with Bitcoin Magazine, Waller said the threat posed by bad actors and malware is one of the biggest barriers to the mass adoption of cryptocurrency.
“Wallets are very vulnerable and insecure, with an average of $9 million stolen every day. By far, those most at risk of becoming victims at the hands of bad actors are those without IT teams, sophisticated cybersecurity tools, or the experience to understand how great the risk can really be,” he remarked.
“The best targets to steal crypto from are the everyday investors, the folks that did the research and took the chance of investing their hard-earned dollars in an emerging and revolutionary technology, and as blockchain cybersecurity experts, we simply won’t stand idly by while the community that is the very foundation of this space are robbed straight out of it.”
At the core of how CryptoDefender operates is its keystroke encryption, which blocks keylogging malware and other forms of malware from breaching mobile crypto wallets.
It accomplishes this by encrypting every keystroke a user makes, rather than trying to detect keylogging malware on the device. The app installs an encrypted keystroke keyboard and then routes each encrypted keystroke through its secure data stack, bypassing the original data stack that can easily be hijacked by hackers.
Other Features
CryptoDefender comes with a secure mobile browser, which Waller says prevents against all forms of attack, including man-in-the-middle and man-in-the-browser attacks. Each time a user launches the browser, CryptoDefender will “generate a brand new browser on the fly, [and] when you close it, we dissolve it,” Waller explained.
“We don’t allow browser extensions, tabs, injections, cookies, or any other vulnerable attributes to be loaded into the browser. Every time you open our browser, it’s a brand new one for the first time.”
Users can create strong passwords up to 99 characters in length and store them automatically in the Password Vault for safekeeping. The Vault, which Waller claims is “extremely safe,” works hand in hand with the browser and the encrypted keyboard. He went on further by saying that the Vault uses AES-256 encryption — a key-generation technique used to encrypt data and prevent unwanted access to data — and fingerprint authentication to secure it.
“Many of us buy, sell, and move cryptocurrencies from our phones and desktops; if one device is protected while the other remains vulnerable to intrusion, they both are at risk. CryptoDefender is a tremendous milestone as it represents phase one in our three-part mission to secure the blockchain ecosystem,” Waller added.
Waller said the app is different from a long list of anti-keylogger software offering similar solutions because of its utility as both a downstream and upstream prescription. He also claimed the app is the “only keystroke encryption” product designed to protect crypto wallets.
“We built this with the assumption that your device is already infected, therefore, as soon as you install this, you are protected. Products that take a reactive approach, i.e., anti-virus software, are always stuck in that cat-n-mouse cycle and getting bypassed on a daily basis.”
The mobile app is available on the BlockSafe website for both Android and iOS devices.