Warning: Smartphone text prediction software saves users wallet recovery phrase



An IT expert recently warned of a security breach in smartphones that would allow hackers to easily access users’ wallets and transfer their assets. This security issue is present in most mobile phones and users who use their mobile phones to access their wallets need to be very careful.

According to the Quin Telegraph, the term “opening phrases” is any combination of a list of 2,048 standard words “BIP-39” or a bitcoin recovery protocol that acts as the first layer of security against unauthorized access to users’ digital assets. However, what would you do if the text prediction algorithm on your keyboard showed you key phrases in your wallet while typing on your mobile phone?

Andre, a 33-year-old German IT specialist, recently posted on the social network r / CryptoCurrency Reddit after learning that his mobile phone could predict the full text of the phrase to restore his wallet as soon as he writes the first word. Published.

As a friendly warning to Reddit users and digital currency enthusiasts, Andre said in his post that hackers can easily take advantage of this feature and steal users’ assets just by writing the first word on the standard BIP-39 list.

He wrote in his post:

This makes it easier for hackers to see what the smartphone has to offer then, just by attacking the phone, opening any application they can chat, and typing any word from the BIP-39 list.

Andre, known on Reddit as “u / Divinux”, said he was shocked to find that his phone could correctly guess the phrase to extract 12 to 24 words.

He added:

At first I was stunned. I thought I guessed the first two words [عبارت بازیابی] It could be an accident.

The German investor in digital currency, as a person with sufficient knowledge of technology, managed to experiment with methods by which his mobile phone can predict exactly the words of the extraction phrase. He added that after realizing the possible effect of this information leaking to the outside world and its use by inappropriate people, “I decided that I should inform the public about this. “I’m sure there are other people like me who have already entered their recovery phrase on the phone.”

Andre’s experiments showed that Google Keyboard (GBoard) has the least vulnerability; Because this software was not able to predict all the words correctly and correctly. However, Microsoft’s Swiftkey keyboard was able to predict exactly all the words in the recovery phrase. The Samsung keyboard can also predict words if the Auto Replace option and the Text Correction Suggestion option were turned on manually in the settings section.

Andre began his career in digital currencies in 2015. He soon lost interest in the field, only to find out later that he could buy various goods and services using bitcoins and other tokens. Andre’s investment strategy includes buying and storing bitcoins and altcoins such as Luna, Algrand and Thezos. As these altcoins grow, Andre buys bitcoins from his investment income using the average dollar price (DCA) method. The IT specialist also develops his own digital tokens and currencies as a hobby.

According to Andre, one of the security measures that can be taken against possible hacks is the storage of valuable and fixed assets in hardware portfolios.

He advises Reddit users around the world:

Without a private key, your assets are not for you. Do your own investment research. Do not receive FOMO. Never invest more than you can afford. Always check the address to which you are sending the token again. Before transferring large amounts, first send a small amount of tokens to the desired test address. Disable text prediction from your mobile phone settings. Finally, do yourself a favor and prevent this from happening by clearing the cache of the mobile text forecasting section.

Read also: Compare and review the best hardware wallets (Update 2022)

PeckShield, a blockchain security company, recently alerted the digital currency community to a large number of phishing websites targeting STEPN users.

Packshild has uncovered several examples of fake Metamsk wallet plug-ins for Internet browsers that hackers can use to steal Stepan’s recovery conditions. In fact, hackers’ access to the recovery of users’ wallets guarantees full control over their victims’ digital assets.

The publication Warning: The text prediction software on the smartphone keeps the phrase to restore the wallet of users appeared for the first time on Arzdigital.

Leave Your Comment

Your email address will not be published.

Supportscreen tag