If you have any crypto-coins then you probably also have some form of wallet to keep them in. Coin wallets come in many forms:
- Physical like Trezor or a paper wallet
- Web like MyEtherWallet
- Desktop like Green Address or an altcoin wallet.
- Mobile like Mycelium or Bread Wallet
I often use My Ether Wallet even though it exposes me to some risk. It is easy to use and splitting my holdings into separate wallets evens out the risk factor somewhat. But there is another type of wallet on that list that may pose high risks, and not only to your coins.
Can a coin carry a crypto virus?
I don’t know if a crypto coin can carry a virus. What I do know is that a downloadable program certainly can and the desktop coin wallet you just installed is a program and might or might not be putting you at risk. Sure, your virus program should be able to detect any malicious code in a coin wallet during download and install, but no system is ever perfect. I doubt a virus program would have any objections to clean code that turns out to have a specific program-only backdoor in it.
Hacking a wallet
I’m a fan of altcoins and own a bunch of less established coins because I actively seek to invest in coins with high volatility and/or reward system. I have a few staking coins and most of them use a clone of the QT wallet. Many times, it is very difficult to know where to safely download such a wallet from and even if on github, which version is currently ok. As far as I can tell, NONE of these wallets have passed any form of third party security audit or trust certification. But many of these are open source and the community would react and patch? In a perfect world yes, but the whole crypto coin market (specially with reward coins) is so new and small there is often only 1 or 2 developers on the project, meaning there is not enough community audit to guarantee anything. Coding quality also plays a part in how vulnerable a program is and if you have used a couple of coin wallets you will probably have noticed how clunky, buggy and thin these programs are. Even the massive IOTA project doesn't have a wallet that can be expected to work like intended ;)
A backdoor into a wallet may not be inserted by the developers, the wallet may have been hacked by external forces, or by a developer no longer on the “team”. This is all painting black on a bright wall but it may be beneficial to at least consider the possibility that you wake up one day and your staking wallet is empty.
How to stay safe when using desktop coin wallets?
I don’t have an answer on how to securely use a desktop wallet other than that the bigger the team and the more established the coin/wallet, the lesser the risk it may be tampered with.
For my own part, I am willing to take these risks since I currently enjoy experimenting with staking (rain condensate and syndicate) and have so far not encountered any suspicious activity.