Evil maid attack: every second away from the device is a crisis

Author: OneKey Chinese, Source: Author Twitter @OneKeyCN

Imagine that you have become financially free by holding 1,000 Bitcoins. Living in a beautiful manor by the sea in Singapore, you are waited on by 12 maids in turn every day.

Until one day, you suddenly received a call while you were transferring money, and you temporarily walked away without turning off the computer. When you come back, everything about you is gone, everything is in vain.

This kind of attack that physically accesses an unattended computer or device is often called an "Evil Maid Attack" in the computer security field. (Some people in China also jokingly call it "evil girlfriend attack", saying it is likely to happen to the person next to your pillow.)

The situation mentioned above may be a bit dreamy. To give a more homely example: When we travel for business or leisure, we often leave our laptops in hotel rooms. Now, what would you do if there was an "evil maid" at the hotel - a cleaner (or someone pretending to be a cleaner) who physically hacked your device during the normal course of cleaning the hotel room? ?

It is possible that for most ordinary people, this is an excessive worry. But for high-net-worth individuals, such as encryption company executives traveling for meetings or capital tycoons who hold keys, they need to seriously consider this matter.  

How to prevent attacks?

1. Ensure the monitoring of the device to the greatest extent

As far as possible, do not leave the device alone in an unsafe place. If the device must be left behind, such as in a hotel room, consider using a method of physically locking the device, such as using a security cable lock.

Use web-based monitoring software to install anti-theft tracking software for your devices. Monitor the opening of the device and the activity of the wallet address in a timely manner. It's even possible to install location assistance, which, while it may not prevent physical intervention, can track the device's location after it has been tampered with.

When choosing a hotel, whenever possible choose accommodation with secure storage facilities, such as an in-room safe, to store your equipment.

2. Reduce risk exposure and prevent single points of failure

Use multi-signature wallets for added security. In this setup, to execute a transaction, signatures from multiple independent parties are required, thus reducing the risk of one person or device being compromised and funds being lost.

Don’t store all your crypto assets in one wallet or place. Spread your and your organization's assets across multiple wallets, including hot wallets (those connected to the internet) and cold wallets (those stored offline). Make sure you don't lose all your assets if you lose a device.

For important assets, use hardware wallets instead of software wallets. Hardware wallets provide physical isolation and can be carried around, unlike hot wallets that can be accessed because you forget to turn off your computer.

Use biometric security measures, such as fingerprint or facial recognition, during the verification process, which are often harder to bypass or detect than traditional passwords.

3. The last line of defense

Be sure to assume the worst case scenario. After all, when you are targeted by the "evil maid", you never know when she will "take advantage of you" Your illness will kill you." Develop a contingency plan for lost or stolen devices, including how to remotely lock or wipe data on the device if an anomaly is detected.

In short

Compared to the previously mentioned "$5 Wrench Attack", "Evil Maid" is gentler, but just as deadly.

Whether it is an "evil maid", an "evil girlfriend" or even an "evil family member", for individuals and organizations that hold large amounts of crypto assets, in order to protect your devices and crypto wallets, please be sure to take comprehensive measures Safety practices.