Only 6 out of 45 crypto wallet brands have undergone penetration testing: Report

Only 6 out of 45 crypto wallet brands have undergone penetration testing: Report

Aug 09. 2023

By Tom Blackstone

Cybersecurity certification platform CER said the vast majority of wallets do not hire outside experts to perform penetration tests.

A July report from cybersecurity certification platform CER found that only six of 45 cryptocurrency wallet brands, or 13.3%, have undergone penetration testing to find security vulnerabilities. Of these, only half have performed tests on the latest versions of their products.

The three brands that have done up-to-date penetration tests are MetaMask, ZenGo and Trust Wallet, according to the report. Rabby and Bifrost performed penetration testing on older versions of their software, and Ledger Live did it on an unknown version (listed as “N/A” in the report). All other brands listed did not provide any evidence of having done these tests.

The report also provided an overall ranking of the security of each wallet, listing MetaMask, ZenGo, Rabby, Trust Wallet and Coinbase Wallet as being the most secure wallets overall.

CER rankings for wallet security. Source: CER

“Penetration testing” is a method of finding security vulnerabilities in computer systems or software. A security researcher attempts to hack into the device or software and use it for purposes it wasn’t intended for. In most cases, a penetration tester is given little to no information about how the product works. This process is used to simulate real-world attempts at hacking to uncover vulnerabilities before the product is released.