July 13, 2018 Cybersecurity for Crypto Wallets: In
Post# of 82672
by William Peaster 5845 Views
This July, BlockSafe Technologies launched its new CryptoDefender™ desktop suite, software the company has dubbed as the first cybersecurity solution for crypto wallets. It arrives as crypto-thievery has become increasingly prevalent — and profitable. BlockSafe’s CEO George Waller walked Bitsonline through the suite and how it works to mitigate such thefts even on compromised computers.
Also see: New Ledger Live Companion App Seeks to Streamline HODLing
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
Waller: ‘We Needed to Create a Solution That Would Protect Keystrokes’
William Peaster, Bitsonline: From the recent Combojack malware that’s scraping addresses from clipboards to hackers that are surveilling users’ keystrokes, we’ve started to see a little bit of everything. How would you characterize how BlockSafe’s CryptoDefender software approaches these vectors?
George: CryptoDefender for Desktop prevents keystroke loggers from stealing keystrokes, screen scrapers, clipboard hijackers, and clickjacking. Our CryptoDefender Mobile prevents keystroke loggers from stealing keystrokes, and it also includes a hardened browser, a secure vault to store and encrypt passwords and secret keys, and has a two-factor authentication token built-in. We are also currently in the process of building in an anti-screen scraper and a secure alternative clipboard feature.
William: Was there a certain moment or event that the idea for CryptoDefender crystallized around? A specific hack perhaps? Or was it rather just watching the steady rise in crypto thefts?
George: Several years ago an analyst firm wrote a research paper about how “Phishing, with a Keylogger Payload” would drastically change the landscape for hackers.
We knew at that point we needed to create a solution that would protect keystrokes even if the device was infected.
William: BlockSafe Tech is licensing patented security solutions from StrikeForce Technologies’ Ram Pemmaraju, who helped pioneer the Out-of-Band Authentication (OOBA) two-factor authentication method. Do you think the security features of CryptoDefender have a chance at becoming mainstays like how two-factor authentication is today?
George: Yes, absolutely we do.
Over the last several years malware was used in over 90 percent of all data breaches, and of these 90 percent of breaches, over 70 percent of them included a keylogger.
Most APT attacks use the following malware cocktail: 1. Keylogger, 2. Screen Scraper, 3. Command and Control.
William: BlockSafe Tech is going the Security Token Offering (STO) route, which has grown in popularity in 2018. What underpinned the decision for an STO over, say, an Initial Coin Offering?
George: That’s an easy one.
BlockSafe is a subsidiary of StrikeForce Technologies Inc., and StrikeForce has been a public company since August 2005. When we started BlockSafe the goal was always to offer a security token, with that said it still took us several months of discussions with different attorneys to get all the facts on how to be totally SEC compliant. Additionally, our BSAFE Security token will also be a Revenue Participation Token which will pay BSAFE token holders a passive income, 10 percent of sales revenues will be redistributed amongst the BSAFE token holders.
William: CryptoDefender is coming to mobile devices soon. Does BlockSafe Tech have any other forthcoming developments to keep an eye out for?
George: Yes, our upcoming BlockchainDefender is going to be a game changer for private blockchains. BlockchainDefender will act as a gateway between the application and a private blockchain. It examines every message, checks if it is allowed as per enterprise rules & policy, scans the contents of data fields for malware and authenticates transactions via the ProtectID® Out-of-Band Authentication system. Features include authentication of blockchain transactions, a content scanner to stop malware before it enters the blockchain, a “Rules and Policy Enginge” to define how messages are processed, and a Load Balancer and DDoS Mitigator to balance traffic and shield the blockchain. Our agent can also pass the blockchain messages to enterprise systems or other blockchains via appropriate gateways.
Turning ‘Hot’ to ‘Cold’
Cryptocurrency hardware wallets are the conventionally suggested method for protecting crypto assets. But a large segment of cryptoverse denizens still don’t have hardware wallets, which isolates these users’ digital commerce to their internet-connected computers and mobile devices.
It’s precisely this online “hot wallet” dynamic that’s left so many cryptocurrency hodlers subject to a variety of different remote, web-launched attacks.
CryptoDefender
Historical crypto hacks: the bad, the worse, and the downright ugly.
Alas, then, BlockSafe Technologies‘ CryptoDefender suite is a bid to let hot wallet users enjoy the level of security they’d expect from “cold storage” but from the convenience of their laptops, smartphones, and the like. If hackers can’t see what you’re doing or typing on your computer, they can’t get to your crypto.
One of the more commonly repeated dictums in the space is that cryptocurrency custody will have to get easier and safer for mass adoption to occur. Making hot wallets secure to use for entrepreneurs and retail investors is a definite stab in that direction.