BitMEX Ups Security Procedures After Informing Of Unauthorized Attempts To Enter Users’ Accounts
BitMEX Informs Unauthorized Attempts To Enter Users’Accounts
- BitMEX explains users experienced unauthorized attempts to enter their accounts
- There are many measures that users can implement to protect their funds
The cryptocurrency exchange BitMEX informed that the number of unauthorized attempts to access users’ accounts on BitMEX is growing. The information was released by the company in a recently uploaded blog post.
Unauthorized Attempts To Access Accounts Increased
BitMEX, one of the largest and most recognized exchanges in the market has registered an increased number of unauthorized attempts to access users’ accounts. The firm is currently advising users to use better passwords, enable Two-Factor Authentication (2FA) and store their passwords on a password manager.
BitMEX informs that the victims of these attacks did not receive account-related email notifications when an unauthorized party wanted to access their account. Some users have lost their funds after having their emails compromised.
The company said about it on its blog post:
“We have observed an increased number of unauthorized attempts to access customer accounts. We would like to remind all customers and users to please protect your BitMEX and personal accounts by: using strong and unique passwords; enabling Two-Factor Authentication (2FA) for all your accounts; and using a password manager.”
According to the exchange, they have always been focusing on security as the number one priority. This is why they adopted a manual multi-signature cold wallet setup in order to protect users’ funds on the platform. Moreover, they are also improving their security procedures and standards as time passes.
This is not the first time that BitMEX gives advice to users to improve their security credentials. Back in 2016, after a large botnet credential reuse attack, they published a blog post in which they requested users to follow stricter security measures to protect their digital assets. Currently, the best way to protect an account is by adding 2FA.
They explain that they have seen other irregular activities in which attackers have access to accounts and trade the funds between other accounts they have. In order to improve security, customers will not be able to disable login notification emails. These login notification emails will be sent regardless of existing notification preferences. In addition to it, Withdrawal requests issued via API must complete an email verification step to confirm it.