A report from the network security certification platform CER in July found that out of 45 cryptocurrency wallet brands, only 6 brands (13.3%) had undergone penetration testing to discover security vulnerabilities. Among them, only half had tested their latest product versions.

The report stated that the three brands that had undergone the latest penetration testing were MetaMask, ZenGo, and Trust Wallet. Rabby and Bifrost had tested their software's old versions, while Ledger Live had tested an unknown version (listed as "N/A" in the report). All other listed brands in the report had not provided any evidence of conducting these tests.

The report also provided an overall security ranking for each wallet, listing MetaMask, ZenGo, Rabby, Trust Wallet, and Coinbase Wallet as the most secure wallets.

"Penetration testing" is a method used to discover security vulnerabilities in computer systems or software. Security researchers attempt to infiltrate devices or software and use them for unintended purposes. In most cases, penetration testers have little to no knowledge of how the product works. This process is used to simulate real-world hacker attempts to discover vulnerabilities before a product is released.

CER found that out of 45 wallet brands, 39 had not undergone any penetration testing, not even for old versions of the software. CER speculated that the reason for this might be the high cost of these tests, especially if companies frequently upgrade their products, stating, "We attribute this to the volume of general application updates, each of which may render the five tests previously conducted obsolete."

CER also found that the most popular wallet brands were more likely to conduct security audits, including penetration testing, because they typically have the funds to do so:

CER's wallet ranking method includes offering rewards for discovering vulnerabilities, re-evaluating past theft incidents, and improving security features such as password requirements.

While most wallet brands do not conduct penetration testing, CER pointed out that many wallet brands do rely on bug bounties to discover vulnerabilities, which is often an effective means of preventing hacker attacks. The company rated 47 out of 159 wallets overall as "secure," meaning their security scores were above 60. These 159 wallets include some from the same brand. For example, MetaMask for the Edge browser is considered a different wallet from MetaMask for Android.

Wallet security has become an urgent issue in 2023, as over $100 million was lost in the Atomic wallet hack on June 3. The Atomic team speculated that the vulnerability may have been caused by a virus or malware injection into the company's infrastructure, but the exact vulnerability that allowed the attack remains unknown. The network wallet MyAlgo also experienced a security vulnerability at the end of February, with estimated user losses exceeding $9 million.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。