In recent weeks and months, we’ve observed a concerning rise in HDN being stolen from individual community members. We want to emphasize that we are shocked and saddened to see this on such a large scale, as it hurts our token and your well-being as a holder. To address this matter and increase awareness related to these events, we’ve composed this article to shed light on the recent scams and provide information on how to safeguard yourself.

First of all, rest assured that the way the funds have been stolen has nothing to do with compromised technology, a bug in the Arbitrum network, or a specific security issue related to Hydranet. The main exploitation method we have identified is a so-called “Fake Airdrop” scheme. This type of scam requires the victim to interact with a malicious smart contract, typically on a false airdrop website, which in turn gives the scammer control over the victim’s funds. For instance, whenever you interact with, for example, Uniswap or another Web3 application through MetaMask, you get several messages asking you for your digital signature. These messages are designed to serve you with information of what you are giving approval for. When these messages do not provide you with sufficient information, and you fail to scrutinize and confirm them, it may leave you vulnerable to exploitation. Therefore, it’s crucial to always understand the content of these messages before proceeding.

It takes just a few steps for your wallet to be drained if you’re not cautious. Here’s how it can happen:

1. You come across an advertisement or get a direct message about a lucrative airdrop you can claim.
2. The advertisement or the direct message contain a link, which you click.
3. The destination site convinces you that you qualify for the airdrop. All you need to do is to connect your wallet and claim it.
4. Your greed gets the better of you, so you connect your wallet and initiate the claim.
5. Without thoroughly checking the prompted messages in MetaMask, you proceed to sign them in succession.
6. Without your knowledge, you’ve granted approval for the scammer to spend an unlimited amount of funds from your wallet, resulting in your funds being drained.
7. You got hacked.

Taking this example as a lesson, always read and understand the messages prompted in, for instance, MetaMask, manually adjust spending limits, and secure your crypto as you would safeguard your dollars. A good strategy is to store the majority of your funds at a secure place, with quick access only to what you need for day-to-day activities. If you encounter advertisements as the one in the example above, seek validation and ask the team or community for guidance. Do not act rashly as your financial well-being is at risk.

Please have a look at this example of how you can safeguard yourself. Also, read our security article here.

Where can I store my cryptocurrencies?

There are several methods you can use to store your cryptocurrencies securely. Two terms that are often mentioned in this context are cold and hot wallets. These terms describe two broad categories of cryptocurrency wallets based on their connection to the internet and thereby their level of security. Understanding their differences is essential for safeguarding your cryptocurrency assets effectively.

A cold wallet is a cryptocurrency wallet that is disconnected from the internet. It is used for storing cryptocurrencies for the long-term and to protect them from online hacking threats and unauthorized access. Examples include hardware wallets and paper wallets. With hardware wallets specifically, you have to physically sign transactions with your hardware device before they are approved, adding an extra layer of protection.

The advantages of cold wallets are:

• Security: Since cold wallets are disconnected from the internet, they are not exposed to online hacking risks.
• Offline storage: Your private keys are stored offline on your hardware device.
• Long-Term Storage: Perfect for storing cryptocurrencies that you don’t plan to use or trade often.

The disadvantages of cold wallets are:

• Less Accessible: Cold wallets are less convenient for daily transactions since they require manual steps to access and use.

A hot wallet is a cryptocurrency wallet that is connected to the internet. Individuals who regularly use their cryptocurrencies for purchases or trading often use hot wallets due to their convenience and accessibility. Hot wallets are typically accessible through desktop applications, mobile apps, and web interfaces.

The advantages of hot wallets are:

• Accessibility: You can access your funds anytime, anywhere with internet access.
• Ease of Use: Generally easy to use with a friendly interface for managing and moving assets.
• Fast Transactions: Great for people who frequently use or trade cryptocurrencies.

The disadvantages of hot wallets are:

• Security Risks: Because hot wallets are connected to the internet, they are more vulnerable to online threats such as hacking, malware, and phishing attacks.
• Not Suitable for Large Amounts: Due to the security risk of hot wallets, they are not recommended for storing significant amounts of cryptocurrencies.

Choosing between a cold wallet and a hot wallet depends on your personal needs and what you’re comfortable with in terms of convenience versus security. If you’re actively trading, a hot wallet might be better suited for you. But if you’re saving your crypto for the future, a cold wallet provides more security. Many people use both: they keep a small amount of crypto in a hot wallet for daily use and store the rest in a cold wallet for safety.

So, in conclusion, where can you store your cryptocurrencies?

• Cold Wallet: Trezor, Ledger and any type that supports Ethereum & ERC20 tokens*
• Hot wallet: Metamask, Trustwallet, Coinbase wallet

* You may have to use 3rd party apps as an interface to interact with some side-chains like Arbitrum, Optimism. Trezor, for example, doesn’t have native Arbitrum support and requires e.g. Metamask to operate.

Thanks to iPally, a Hydranet DAO member, who helped compose this article!

‍