Living in a world where money is necessary for survival pushes many of us to accumulate as much of it as possible and to find ways to store (or hide) it. If we were living in a world where money was not needed, we would still need to find resources to survive and devise ways to store (or hide) them for future use.
In our modern world, many things we need require money, so many of us have tried ways to get the money and to increase the amount we have, in a somewhat effortless way.
However, cryptocurrencies have features that are specific to them: they are just virtual data manipulated by computer programs, they exist in a decentralized network called blockchain, and they need encryption to validate their owners.
These novelties bring some complications. Their virtual nature makes many people inclined to use online means to manage their assets: they save their crypto wallet private keys to the clipboard, or they trust companies with their assets, which use their own private keys.
Hackers have found ways to steal many people and companies’ private keys, taking with them assets worth hundreds of millions of dollars.
Despite these mishaps, people are still investing in cryptocurrency, possibly because money has become an integral ingredient to their survival.
With problems come solutions. Hardware crypto wallets keep private keys offline, which make them harder for hackers to steal.
Another problem with storing your crypto wallet private keys online is that the websites that store them may go offline, so you have no way to sell your cryptocurrencies when this happens.
Even if you lose your hardware crypto wallet, your cryptocurrencies do not automatically vanish because anyone else who finds your wallet may be unable to retrieve your private keys.
If you are here just to know how to connect your Ledger wallet to MetaMask, the next section is exactly about how to do it.
On the other hand, if you want to know why you need to get a hardware crypto wallet, continue reading past the next section: you will find out about several incidents of theft of private keys that were stored online; you will also find out about several outages of crypto-trading platforms, blocking people from using their assets.
Connecting your Ledger to MetaMask
- Connect your Ledger wallet to your computer with a USB cable, and unlock the wallet. Then, open Metamask in your browser. Use your credentials to sign in to Metamask if you are asked to do so.
- Once you have opened Metamask, click the upper right menu, and click “Connect Hardware Wallet”. Then, choose “Ledger” as your wallet.
- Click “Continue”, and Metamask will automatically find your Ledger wallet. Then Metamask will ask you which Ledger account you want to use.
Why getting a hardware crypto wallet
Private keys hacked, stolen, and lost
When you save your crypto wallet private keys in your computer or use your exchange’s keys, hackers may find these keys and use them to steal your cryptocurrencies.
To get access into your computer, they can send you spam emails with links that infect your computer when you click them.
There are many other ways your computer can be hacked, and some of the malware that targets your computer can be designed to specifically search for private keys.
Your exchange’s private keys can be stolen because of vulnerabilities in its software. Some of the best hardware wallets for cryptocurrency can make stealing your private keys harder.
Here is a list of incidents where private keys are stolen from digital wallets or from being stored in a computer; in some cases, the keys are lost by the companies that keep them.
On December 4th, 2021, approximately 150 million dollars have been stolen from Bitmart. The thieves were able to compromise two digital wallets by accessing a private key.
Google Ads for Fake Wallets
Scammers create ads that are listed in Google searches. The links in these ads take the users to websites that mimic legitimate wallet websites. If the users share their private keys on these websites, the scammers then use the keys to withdraw the users’ coins.
Japan’s Liquid Wallet Hack
In August 2021, Liquid Global Exchange announced that it was hacked, resulting in about 90 million dollars being stolen. Although Liquid used multiparty computation for its digital wallets, the hackers found a way to steal the cryptocurrencies.
Bilaxy’s Hacked Hot Wallet
In August 2021, Bilaxy’s ERC20 digital (hot) wallet was hacked, resulting in 295 ERC20 tokens being stolen. Bilaxy disabled its website and transferred its remaining funds to hardware (cold) wallets.
Roll’s Hot Wallet Hacked
In March 2021, Roll announced that one of its digital (hot) wallets was hacked; all the tokens from that online crypto wallet was sold for Ethereum (ETH). According to TechCrunch, the amount of stolen tokens is equivalent to 5.7 million dollars.
Chivo’s Bitcoin Wallet Hacked
The people of Salvador have been encouraged by their government to adopt Bitcoin as a form of payment; Chivo is the official Bitcoin digital wallet, and Salvadorans receive 30 dollars each when they activate their wallets with their government IDs and their face pictures.
Many of these wallets have been reported to have already been activated although their prospective users have never done so, and the 30 dollars, given as an incentive, has been stolen.
bZx Private Key Hacked
In November 2021, bZx, a Defi company, reported that one of its private keys was compromised, resulting in 55 million dollars being stolen. This hack happened after a phishing attack targeted the computer of one of the company’s developer, whereby the hackers found a private key of the company’s digital wallet.
Safepal, a Fake Digital Wallet
Safepal is an online crypto wallet listed as a Firefox add-on, which can be downloaded to any Firefox browser. Although Safepal looked legitimate, it had emptied the wallets of many of its users before Firefox took it off its list of add-ons.
WeSteal, a Crypto Malware
WeSteal is a malware that replaces a victim’s crypto wallet private key saved to the clipboard with its own key, so cryptocurrencies are funneled to the hacker’s wallet when the victim triggers a transaction.
AscendEX’s Digital Wallet Hacked
On December 11th, 2021, one of the digital (hot) wallets of the cryto exchange platform AscendEX has been used to steal cryptocurrencies from the platform. The coins stolen are estimated to be worth 77.7 million dollars.
Vulcan Forged’s Digital Wallets Hacked
Twitter bot scams
Scammers can search for tweets with crypto-related keywords (such as “Bitcoin” and “wallet”), identify tweets from people looking for help recovering their assets, and use bots with links to forms that ask people for their seed phrases.
Once they get the requested information, they use it to access their victims’ digital wallets and steal their assets.
Boy X Highspeed’s private key leaked
In October 2021, a private key of the exchange Boy X Highspeed has been leaked, causing 139 million dollars to be drained from the company. According to CoinDesk, the CEO of the exchange claimed that the leak might have been caused by one of his employees.
The Canadian crypto exchange Quadriga manages its customers’ funds and keeps the private keys to their assets. The CEO of the exchange unexpectedly died and went to the graves with 250 million dollars of his customers. Since he supposedly was the only one knowing the private keys to the assets, there is no way to relinquish the funds to their owners.
Private keys copied
A former employee of the defunct crypto-exchange Cryptopia is charged in 2021 for copying the private keys of several customers of the exchange and stealing their assets worth of about 250 thousand dollars.
Private key swapped
A man clicked a link that downloads a malware to his computer. When he transferred Bitcoins worth about 1 million USD to another account by using his private key saved to the clipboard, the malware replaced the man’s private key with the hackers’ key, so the Bitcoins instead got transferred to the hackers’ account. After spending 10 thousand dollars to hire investigators, he was able to identify the perpetrators.
Private keys lost
StakeHound uses the company Fireblocks to store private keys to its crypto assets. On June 22nd, 2021, StakeHound announced that Fireblocks had lost the private keys to 38,178 Ethereum (ETH), equivalent to 72 million dollars. Without the private keys, that money cannot be withdrawn. StakeHound decided to sue Fireblocks.
Stored private key hacked
A man in the United Kingdom invested some of his money in Ethereum (ETH). Although he was cautious enough to use a hardware wallet to store his keys, he also stored them as a draft in his Gmail account for convenience.
One day, he checked his account to find out that Ethereum worth 25 thousand pounds evaporated. Even if he tried several resources to recover his money, the thieves seem to be still at large.
When cryptocurrency exchanges go offline
Digital wallets can go offline if the third parties hosting them go offline while there is no such issue with hardware wallets since they are physical objects. That’s one perk for getting one of the best hardware wallets for cryptocurrency.
Many cryptocurrency exchanges store their users’ wallet keys. If these exchanges experience an outage, their users lose access to their funds. Here are a few examples of these outages:
In May 2021, Binance’s website was down, causing many investors unable to use the exchange to sell their cryptocurrencies as their prices were plummeting.
Many of these investors have planned to sue the exchange. On November 1st, 2021, Binance blocked all withdrawals because of a backlog.
In February 2021, the cryptocurrency exchange Kraken was shut down after a sudden rise in the price of Bitcoin. Many users of the exchange reported that they could not log in to their accounts.
The developer of crypto-financial products dYdX experienced a disruption on December 8th, 2021, due to an Amazon Web Services outage.
In September 2021, the cryptocurrency trading platform Bitfinex announced that it had to stop trading because of ‘issues’.
An Indian crypto exchange experienced an outage in April 2021 for several hours. Many of its users reported their assets were gone, which was possibly caused by a glitch in the system. According to the CEO of WazirX, the outage was caused by high trading activity.
Huobi Global, Kucoin, BitMax, FTX, and Binance
In February 2021, it was reported that several crypto exchanges were shut down as a result of an outage from Amazon Web Services. Users of many of these platforms were unable to use their assets during the problem.
Although saving crypto wallet private keys online or in a computer seems convenient, thieves can easily steal the keys.
Exchanges that keep private keys have been hacked; sometimes, employees from some of these exchanges steal the private keys.
In some cases, exchanges lose the private keys. When you store the private keys in your computer, you may unknowingly download malware into your device, which can replace your private keys with the hacker’s keys.
Hardware crypto wallets do not store private keys online or in a computer, so they make stealing your private keys much more difficult.
Cryptocurrencies are relatively new, so the technological frameworks built to handle them may still be vulnerable to hackers.
When a software application is published, it may have bugs, which will be dealt with by publishing several updates in the future. Hackers tend to find some of these bugs and use them to cause damage, and software products that handle cryptocurrencies may also suffer from these bug issues.
If you want to invest a large chunk of your money in cryptocurrencies or tokens, check the company you have selected to see what protection it offers in case of theft.
If you store your private keys in your computer that gets hacked and lose your money as a result, you may lose that money for good because the exchange or online wallet company you use may be unwilling to get involved. In such a case, getting one of the best crypto wallets may be the best move to protect your assets.
Before choosing a hardware wallet for your cryptocurrencies, find out about its features and search to see if there have been any issues with it — reading the reviews is a good place to start.