Nimiq Security - DNS Hijacking

Hi There,

Please excuse my paranoia but I have been questioning the availability and security of Nimiq when wallets are solely accessed via website domain (wallet.nimiq.com)

For example, is it not possible that a government could effectively censor Nimiq within their country by hijacking the DNS, thus blocking all users from accessing their wallets?

Perhaps even worse, couldn’t an entity hijack the website, redirect it to an identical-looking wallet which phishes users’ details?

Based on this train of thought I have some queries: as a user, how can I ensure that the Nimiq wallet page that I see is in fact the official wallet page and not just some fraudulent page redirect? Is there any way I could store the wallet offline on my setup?

Is this a credible threat or am I just worrying over nought?

Thank you team for your wonderful work. You wouldn’t believe how excited I am for 2.0!

4 Likes

It’s very secure, but everything has it’s weakest link that may be exploited in proper circumstances. This is why I suggest you store your NIM on a NANO S, this way you have to sign on the device and solves any security concerns. You can buy one off the NIMIQ store or LEDGER website.

2 Likes