Glossary Security & Privacy Front-End Attack
Security & Privacy Advanced

Front-End Attack

Definition

Compromising a dApp's web interface rather than its smart contracts. Attackers inject malicious code into the frontend to redirect transactions, replace addresses, or serve drainer contracts to users.

📖
Difficulty
Advanced
🏷️
Category
Security & Privacy
📚
See Also
8 related

Key Takeaways

1

Compromising a dApp's web interface rather than its smart contracts.

2

Attackers inject malicious code into the frontend to redirect transactions, replace addresses, or serve drainer contracts to users.

Why It Matters

This security concept directly protects your crypto assets. Ignoring it puts your funds at risk. Even experienced users should regularly review their security practices.

Related Terms in Security & Privacy

Private Key Security
The practice of protecting your cryptocurrency private keys from theft, loss, and unauthorized access. Includes hardware wallets, encrypted backups, physical security, and operational security protocols.
Seed Phrase Backup
Securely storing your wallet's recovery phrase offline. Best practices include metal backups (fire/water resistant), multiple locations, and never storing digitally. Losing your seed phrase means losing access permanently.
Hardware Wallet
A physical device storing private keys offline in a secure element chip. Transactions are signed on-device and never expose keys to the internet. Ledger, Trezor, and Keystone are leading brands.
Air-Gapped Wallet
A wallet on a device with no network connectivity — no WiFi, Bluetooth, or USB data. Signs transactions via QR codes or microSD cards. The highest security level for crypto storage.
Multi-Sig
A wallet requiring multiple private key signatures to authorize transactions. Common configurations: 2-of-3, 3-of-5. Eliminates single points of failure. Used by DAOs, exchanges, and security-conscious individuals.
2FA
Two-Factor Authentication — requiring a second verification method beyond your password. TOTP apps (Google Authenticator, Authy) generate time-based codes. Essential security for all crypto exchange accounts.
TOTP
Time-based One-Time Password — a 2FA method generating 6-digit codes that change every 30 seconds. More secure than SMS-based 2FA because it's not vulnerable to SIM swap attacks.
YubiKey
A physical security key providing hardware-based 2FA via USB or NFC. Phishing-resistant because authentication requires physical presence of the key. The gold standard for account security.

Explore Other Categories

Core & Fundamentals Trading & Markets DeFi Technology & Protocol NFTs & Gaming Regulation & Legal Mining & Consensus

Want to master crypto?

Get daily crypto intelligence delivered to your inbox — free forever.

Subscribe Free → Browse Guides →