These Flaws Make Cryptocurrency Exchanges Susceptible to Attacks

These Flaws Make Cryptocurrency Exchanges Susceptible to Attacks
фото показано с : btcmanager.com

2018-7-20 07:00

It is a proven fact that the blockchain has an impressive 99.64 percent reliability. However, the same can’t be said of cryptocurrency exchanges. Amidst that backdrop, Sameer Dixit, the Senior Director of Security Consulting at Spirent Communications, has identified some characteristic flaws of crypto exchanges which must be tackled to shield the over $350 billion cryptocurrency industry from more heists than it has already suffered.

Loopholes in Exchanges

The cryptoverse, considered by scores of enthusiasts across the globe as a blazing monetary development, has been incessantly punctured by the cruel activities of cyberpunks. These bad actors stay on the trail of cryptocurrency exchanges to decrypt the security details of investors and cart away their valuable digital assets.

The following are some of the security loopholes that make it easy for hackers to break into crypto exchanges.

Credentials Breach

According to Dixit, the primary cause of most crypto exchange hacks is “compromised credentials.” Crypto exchange administrators are often prime targets of hackers since they have authorized access to the private keys of all users on the platform. In 2017, reports emerged that hackers had gained access to the PC of a Bithumb exchange employee, which contained personal information of thousands of exchange users that hackers used to steal users’ crypto.

Similarly, in December 2017, BTCManager reported that hackers had stolen about $64 million worth of bitcoin from the NiceHash crypto mining platform, also due to compromised credentials.

Code Vulnerabilities

In 2016, cyber thieves were able to exploit a loophole in the code for a decentralized autonomous organization (DAO), stealing vast amounts of cryptocurrency. The DAO was designed as a decentralized investment fund that delegated powers to contributors regarding how the funds were applied. The idea was that managing transactions through code solved the problem of human deceit and that shared powers would prevent stealing. Unfortunately, though the system was invulnerable enough to withstand intrusion to some extent, criminals eventually identified a bug in the code that helped them attack the platform.

Test Accounts

Test accounts are another avenue through which cryptocurrency hunters access a network since such accounts are typically neither effectively managed nor well monitored. Developers use accounts with different permissions and access privileges to test code and verify that everything works the way it should.

Under normal circumstances, test accounts should only exist in a test or staging environment and are not to be used in a production environment. If test accounts are absolutely necessary, the accounts should have just the minimum level of privileges and access required for basic performance and functionality testing. Dixit recommends that periodic audits of the production environment should identify and remove any rogue test accounts.

Lack of Roles Separation

Dixit also discussed a need to limit who has access to what information and to set clear rules for when access is given. He explains that, “Another best practice is to ensure separation of duties and implement the practice of ‘least privileged access’ for accounts.” He recommends strict regulation of developers’ access to production systems to include emergency situations only.

Transaction Malleability

Some of the most massive cryptocurrency exchange hacks in history were a result of transaction malleability. While data stored on the blockchain is immutable, most exchanges still use centralized databases, making them susceptible to transaction malleability attacks. In 2014, hackers took advantage of this flaw to divert $500 million in bitcoin from the Mt. Gox crypto exchange.

Inadequacies in Hot Wallets

Storing cryptos in cold storage remains the surest way of keeping digital assets safe. Exchanges find it a Herculean task to use this method because clients send in withdrawal requests on a 24/7 basis. It is essential for hot wallets to be secured with multi-signature private keys, so as to make it impossible for hackers to compromise the system with just one private key, as in the case of the Coincheck exchange hack of January 2018.

Final Thoughts

As cryptocurrency battles for a a place in mainstream finance, heists and hacks continue to set it back.  It seems reasonable to expect improvements in the near future given the high demand for safe storage and transacting of cryptocurrencies. In the meantime, exchanges and users alike need to practice advanced security measures to mitigate risks until solutions are found.

The post These Flaws Make Cryptocurrency Exchanges Susceptible to Attacks appeared first on BTCMANAGER.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Global Cryptocurrency (GCC) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.00313551 (-100%)

cryptocurrency exchanges flaws attacks susceptible make these

cryptocurrency exchanges → Результатов: 126


CAIZcoin: the debut of pioneering Islamic compliant cryptocurrency on global exchanges is here

The eagerly anticipated global debut of CAIZcoin, a cryptocurrency based in the EU that adheres to Islamic financial principles, is just around the corner. With more than 30 exchanges set to list CAIZThe post CAIZcoin: the debut of pioneering Islamic compliant cryptocurrency on global exchanges is here appeared first on AMBCrypto.

2023-8-21 11:00


Фото:

Impressive Feat: Chainlink Overtakes Bitcoin To Become The Most Traded Cryptocurrency On Major Exchanges

LINK’s winning streak continues. The token which is now ranked as the sixth-biggest by market capitalization has registered a near-constant upsurge over the past couple of weeks. Following this meteoric rise, LINK’s trading volume has surpassed that of the benchmark cryptocurrency on major cryptocurrency exchanges.

2020-8-10 16:32


Фото:

Cryptocurrency Exchanges Resort to Marketing Measures to Revive Falling Volume

Large cryptocurrency exchanges, including Binance and BitMex, have recently increased their referral fee in a bid to bring back customers and stage a revival in exchange volumes. According to sources from Bloomberg, exchange volumes have fallen by nearly 40 percent over the year, and exchanges are desperate to stage a resurgence as their revenue isRead MoreRead More.

2019-9-26 20:00


Фото:

Moonday Morning: Bitcoin dev ordered to prove Craig Wright isn’t Satoshi

It’s Monday which means it’s Moonday Morning and time to catch up with the top news from over the weekend. Let’s get to it. 1. Canadian financial regulators are learning from the QuadrigaCX debacle and are taking action to begin regulating cryptocurrency exchanges to mitigate the risks associated with virtual currency exchanges.

2019-3-18 12:36