Attackers have successfully inserted code designed to steal people’s bitcoin into popular open-source software packages that are used by some crypto wallets. The cost of auditing all the code that goes into a system is prohibitive, so this remains an appealing avenue for attacks.

Mitigation:

• Use a mix of different hardware and software for your key storage system.

• Use hardware wallets which have smaller and more carefully audited code bases.