Cryptocurrency exchanges have recently been targeted by attackers looking to steal the funds held in users’ wallets as well as their private information. Whether centralized like Binance or decentralized like IDEX, all of these exchanges have their weaknesses.
For instance, centralized exchanges can actually steal from their users, while decentralized ones are still struggling with both stability and security issues.
As a result, many users, often running into the millions, have had their accounts hacked and their crypto wallets emptied. This is why cryptocurrency security, particularly among exchanges, is a big deal. For instance, between January and May 2018, over $1.1 billion in cryptocurrency tokens were stolen by hackers.
Another hacking incident, on August 25, successfully targeted the Atlas Quantum platform. The frequency at which these attacks and asset thefts happen is very alarming. In fact, considering that there have been many in the last 3-4 years alone, one is likely to panic and stop using any of the exchanges.
The good news is that many exchanges are on top of their security situations, with many hiring in-house cybersecurity or crypto security experts to prevent any incidents. This has proven quite effective, seeing as they have learned from past crypto hacking incidents and have deployed countermeasures for similar or even different scenarios.
There have been quite a few hacking incidents in the history of cryptocurrencies, but some stand out more.
Cryptocurrency Exchange Hacks And Security Measures
Let’s take a look at those events.
The Mt. Gox Hack
This US-based exchange, which was founded by Jed McCaleb and Mark Karpeles, experienced the biggest hacking incident in the history of cryptocurrencies. Over 1.35 million bitcoin tokens were stolen from the Mt. Gox exchange by hackers.
To put this in perspective, that’s over $7 billion USD lost to hackers, given the current bitcoin rate. Lots of traders lost huge sums to this. The theft took place in two separate incidents, in 2011 and 2014, with the hackers stealing 500,000 and 850,000 BTC respectively.
They did this by hacking the exchange’s depository, resulting in huge losses and effectively burying the company. After both incidents, Mt. Gox’s reputation plummeted with many traders and investors avoiding them.
Unfortunately, the hackers were so efficient at covering their tracks that only 200,000 BTC was confirmed as stolen. The remaining 1.15 million just “vanished into the wind” like they were never there.
As a result of this attack, the exchange closed its doors in the same year, leaving investors and traders who were using the platform shocked and suffering serious financial losses. The hacking incidents didn’t just affect the platform; their ripple effects were felt across the entire cryptocurrency community. Bitcoin’s price dropped in both instances, resulting in significant losses for traders and investors.
Unfortunately, the remnants of the company still suffered another backlash in 2018, when its arbitration manager sold 35,841 BTC. Users called for the payment of their lost funds in bitcoin.
What’s The Lesson Here: Tips To Prevent A Repeat Incident
Crypto exchange platforms can improve their defenses by hiring reputable security auditors who will test and protect the platform from external scans, update the platform and mitigate DDoS attacks.
Smart exchanges only hire one contractor because that leaves fewer vulnerabilities and shores up the security of the platform.
Many are now integrating traditional banking tools like two-factor authentication (2FA), cold storage, withdrawal authorization layers, master wallets, the issuing of crypto debit cards, IP address verification and email confirmation, and device restrictions.
These are commonly found on centralized exchanges, which often have the resources to hire security experts, hide their servers and deploy top-notch security measures.
The Bitfloor Incident
Another exchange that was hacked, Bitfloor is a US-based exchange that lost 24,000 BTC to hackers in 2012.
The event was triggered by a server outage that was due to either a DDoS attack or a power outage. We’re inclined towards DDoS; otherwise hackers wouldn’t have been able to steal that many bitcoins at that exact same time.
Anyway, unbeknownst to the company, hackers had obtained a copy of their hot wallet’s private key during the downtime and used it to withdraw 24,000 BTC before the company knew it.
After the event, the company’s founder made an effort to compensate victims who lost their bitcoins with a stake in the company’s property, but that didn’t work as there were no takers. The result of this was the company’s eventual shutdown, leading to significant losses for investors.
Steps To Take To Prevent A Recurrence
The company clearly made two huge mistakes:
- Not encrypting the data on their servers
- Leaving significant amounts of bitcoin in their hot wallet
The sad part is that these two weaknesses could have been averted by being more careful. Data encryption, even the military-grade kind, is pretty common these days.
The same goes for cold storage and wallets. Simply doing those two things would have prevented the loss. For the hackers, it was like taking money from a child.
So, cryptocurrency exchanges must endeavor to avoid similar incidents by ensuring that the bulk of their crypto holdings is stored in cold wallets, leaving only small amounts in hot wallets.
This takes care of the solvency problem. Exchanges should also be careful about automated transfers from cold to hot wallets. As much as possible, this should be done manually. Security measures should be put in place to detect hack attempts disguised as regular customer withdrawals.
Limits should also be placed on withdrawals: they should be limited to what’s available in the hot wallet. Finally, exchanges can easily create a copy of their database that can’t be edited or tampered with. This way, there’s a database and records to compare with in any eventuality.
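An added sketch (not code from any exchange mentioned here) of the controls just described: payouts capped at the hot wallet balance, cold-to-hot refills that need a named approver, and a hash-chained record in which later edits are detectable. The class names, integer amounts and approver field are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64

def _digest(prev_hash, record):
    payload = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

class AuditLog:
    """Append-only record: each entry's hash covers the previous hash."""
    def __init__(self):
        self.entries = []  # list of (record, hash) pairs

    def append(self, record):
        prev = self.entries[-1][1] if self.entries else GENESIS
        self.entries.append((record, _digest(prev, record)))

    def first_bad_index(self):
        """Index of the first entry that fails verification, else None."""
        prev = GENESIS
        for i, (record, stored) in enumerate(self.entries):
            if _digest(prev, record) != stored:
                return i
            prev = stored
        return None

class HotWallet:
    def __init__(self, balance, log):
        self.balance = balance  # integer units (assumed), avoids float rounding
        self.log = log

    def withdraw(self, user, amount):
        # A payout can never exceed what the hot wallet actually holds.
        ok = 0 < amount <= self.balance
        if ok:
            self.balance -= amount
        self.log.append({"op": "withdraw", "user": user, "amount": amount, "ok": ok})
        return ok

    def refill_from_cold(self, amount, approved_by):
        # Cold-to-hot transfers are manual: no named approver, no transfer.
        ok = bool(approved_by) and amount > 0
        if ok:
            self.balance += amount
        self.log.append({"op": "refill", "amount": amount, "by": approved_by, "ok": ok})
        return ok
```

The chain only exposes tampering if the most recent hash is also stored somewhere the database operator cannot rewrite.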
The Poloniex Hacking Incident
One of the more functional and popular exchanges, Poloniex has also been subjected to hack attacks, no thanks to a major bug in the exchange platform’s software.
With this bug, users were able to withdraw amounts exceeding their limits at the time. Some people caught on to this and used it to their advantage, while others didn’t. The company didn’t declare exactly how much was lost, only a percentage: 12.3%.
Unfortunately, unwitting traders had to pay for this error. The company deducted and froze similar amounts from users’ accounts for a while, and then returned them later. However, the company increased its withdrawal fees by 1.5 percent to mitigate the losses.
The good news is traders on the platform thought it was fair, and have continued to use the platform since then.
How To Prevent Repeat Occurrence
While the company’s CEO clearly admitted his mistakes, the company has also taken steps to prevent it from happening again. For starters, withdrawals on Poloniex are now queued at every step and processed chronologically. Technology that scans for negative balances has also been implemented on the platform.
All orders placed on the platform are processed sequentially and verified at each step until they are completed. Finally, the company hired cybersecurity staff to actively monitor and repel hack attacks, fix bugs and identify security flaws before they cause harm, and established a reward program for users who identify a bug before the team.
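An added illustration of why queueing helps, not Poloniex’s code: the first function models an assumed failure mode in which every request is validated against the same stale balance, the second settles requests one at a time in arrival order, and the scan flags any account that has gone negative. Function names and sample data are constructed.

```python
from collections import deque

def process_unsynchronized(balances, requests):
    """Assumed failure mode: every request is checked against the same
    starting snapshot, so two requests can each pass the check."""
    snapshot = dict(balances)
    result = dict(balances)
    for user, amount in requests:
        if 0 < amount <= snapshot.get(user, 0):
            result[user] -= amount
    return result

def process_sequential(balances, requests):
    """Queue the requests and settle them one at a time, in arrival order,
    re-reading the live balance before each payout."""
    result = dict(balances)
    queue = deque(requests)
    outcomes = []
    while queue:
        user, amount = queue.popleft()
        ok = 0 < amount <= result.get(user, 0)
        if ok:
            result[user] -= amount
        outcomes.append((user, amount, "paid" if ok else "rejected"))
    return result, outcomes

def negative_balances(balances):
    """Independent scan: accounts below zero should be frozen and reviewed."""
    return sorted(user for user, bal in balances.items() if bal < 0)

# Constructed sample: alice holds 100 units and submits two 80-unit withdrawals.
SAMPLE_BALANCES = {"alice": 100, "bob": 50}
SAMPLE_REQUESTS = [("alice", 80), ("alice", 80), ("bob", 20)]

if __name__ == "__main__":
    bad = process_unsynchronized(SAMPLE_BALANCES, SAMPLE_REQUESTS)
    print("unsynchronized:", bad, "negative:", negative_balances(bad))
    good, outcomes = process_sequential(SAMPLE_BALANCES, SAMPLE_REQUESTS)
    print("sequential:", good, "negative:", negative_balances(good))
    for row in outcomes:
        print(row)
```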
The Bitstamp Event
Located in Slovenia, Bitstamp was hacked in 2015. In a manner similar to Poloniex, Bitstamp’s hot wallet was also emptied to the tune of 19,000 BTC or the equivalent of approximately $1.43 billion USD.
The hackers simply used an ordinary phishing method to execute the hacks. All they did was send personalized Skype and email messages with malware-loaded links from seemingly familiar sources.
When their system admin clicked on the link, he automatically downloaded the malware, which hacked the entire exchange, netting the hackers a tidy sum in bitcoins. The good thing is the company was proactive with its response, and was quick to inform traders of the occurrence.
Unfortunately, investors and traders weren’t compensated for their losses, but the company rallied and shored up its security by deploying multi-signature measures on its platform. Even better, the company now has 98% of its cryptos kept in cold storage and away from hackers.
The Bitfinex Problem
Located in the British Virgin Islands, Bitfinex lost 120,000 BTC in 2016. This was due to a complex hack attack that tricked the multi-signature platform into approving transactions from their hot wallet. By the time the company found out, it was too late.
The hackers had made away with their loot, leaving the company in debt to the tune of $900 million (current day value). How the hackers were able to successfully trick the algorithm into executing those transactions is still a mystery.
To save the platform, the company froze about 37 percent of all users’ balances and converted them to BFX tokens, which can be exchanged either for fiat currencies or for iFinex Inc.’s shares. This is how the company successfully fended off bankruptcy and liquidation.
Prevention And Protection Tips
While there hasn’t been a known solution to this problem, a Cornell University professor has proffered a possible solution called the Vault. This vault will have two keys: one for unlocking it, the other for recovering your funds.
So, if someone is able to unlock the vault and withdraw your funds, you can use the recovery key to reverse the withdrawal, as long as it’s done within 24 hours of the event. For now though, it looks like this solution is only a theory and restricted to bitcoins alone.
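An added toy model of the two-key behaviour described above, written for this page and not taken from the professor’s design: a withdrawal made with the unlock key stays pending for 24 hours, during which the recovery key can reverse it. The class, method names and use of plain shared secrets are assumptions for illustration only.

```python
import hmac

REVERSAL_WINDOW = 24 * 60 * 60  # seconds; the 24-hour window from the text

class Vault:
    def __init__(self, balance, unlock_key, recovery_key):
        self.balance = balance
        self._unlock_key = unlock_key      # bytes (assumed shared secret)
        self._recovery_key = recovery_key  # bytes, kept separately
        self.pending = {}                  # id -> (amount, dest, requested_at)
        self._next_id = 1

    def request_withdrawal(self, key, amount, dest, now):
        """Unlock key starts a withdrawal; funds are held, not yet released."""
        if not hmac.compare_digest(key, self._unlock_key):
            raise PermissionError("bad unlock key")
        if not 0 < amount <= self.balance:
            raise ValueError("invalid amount")
        self.balance -= amount
        wid = self._next_id
        self._next_id += 1
        self.pending[wid] = (amount, dest, now)
        return wid

    def recover(self, key, wid, now):
        """Recovery key reverses a pending withdrawal inside the window."""
        if not hmac.compare_digest(key, self._recovery_key):
            raise PermissionError("bad recovery key")
        amount, _dest, requested_at = self.pending[wid]
        if now - requested_at >= REVERSAL_WINDOW:
            return False  # too late, the withdrawal can be finalized
        del self.pending[wid]
        self.balance += amount
        return True

    def finalize(self, wid, now):
        """Release funds only once the reversal window has passed."""
        amount, dest, requested_at = self.pending[wid]
        if now - requested_at < REVERSAL_WINDOW:
            return None
        del self.pending[wid]
        return (dest, amount)
```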
Exchanges That Were Hacked In 2018
While the aforementioned are some of the industry’s biggest hacks, the industry has seen quite a few significant hacks in 2018. So far, about $1.1 billion in cryptocurrencies have been stolen this year from exchanges and crypto platforms. Let’s take a look at the events.
Japan’s Coincheck recently had over 520 NEM tokens stolen from the exchange. This attack was carried out in the last week of January, and targeted their hot wallet.
In a manner reminiscent of past incidents, the exchange left far too many tokens in their hot wallet and didn’t add the extra protection of a multi-signature protocol. As a result, it was easy for the hackers to just swoop in, empty the wallet and walk away.
While the hackers haven’t been able to sell or trade those coins, thanks to many proactive measures set in place to deter their sale, the reality is that the exchange lost a huge sum.
Some of the measures set in place to deter the sale of the NEM tokens include placing a ban on the exchange of NEM, blacklisting all recipient addresses with a tag that will prevent people from doing business with them, and largely discouraging bulk trades of the cryptocurrency.
You would expect that many exchanges would have instituted measures such as multi-signature protection and keeping only small amounts of cryptos in their hot wallets. But Coincheck apparently didn’t.
Smart exchanges that want to avoid being victims of similar attacks would do well to institute these measures, as well as add multiple security layers where transactions are validated and approved before they’re moved on to the next phase.
In fact, many exchanges have instituted a time delay on all withdrawals, which often undergo manual review before they are finally released to the investors or traders. They also move all unnecessary tokens to cold storage when they have more than enough for liquidity purposes.
The good news is that even though measures like time-delayed withdrawals are a little inconvenient for customers, they understand and appreciate them.
The BitGrail Hack
Early this year, BitGrail suffered a significant loss in Nano (XRB), to the tune of $170 million, through hack attacks targeted at the exchange. The exchange was eventually shut down and the remaining crypto assets held by the company were seized and used to compensate investors who lost money.
The South Korean exchange Coinrail lost cryptos valued at $40 million to hackers in June this year. As with similar hack attacks, none of the tokens were recovered. But the exchange resumed trading a month after, and offered a gradual compensation scheme to those who suffered significant losses. They also offered to reward victims with the exchange’s native token, the RAIL, to the tune of what they lost.
The Bithumb Hack
Another South Korean exchange, Bithumb lost $30 million to hackers when they took advantage of a bug in their new software upgrade. This is not the first time the exchange has been hacked by the way.
Back in 2017, over 30,000 users’ accounts on the platform were affected. The good news is the company reacted pretty quickly, stopping all trades and then upgrading their security. While the funds haven’t been recovered, the company has promised to compensate victims from its company purse.
The crypto tokens that were stolen were also from the exchange’s hot wallet. It is very clear that some of these smaller exchanges think they can’t be targeted, simply because they’re not a big target. But that’s not true. Hackers think of these exchanges as easy pickings.
The best way to prevent this is to just move all excess funds that aren’t necessary for liquidity to cold storage, and only leave enough to keep the exchange solvent, while eliminating liquidity problems.
The Bancor Hacking Incident
While most of the other hacking incidents happened to centralized exchanges, this one was targeted at a decentralized one. Bancor was hacked in July and lost $23.5 million in the process.
The hackers targeted three tokens: ethereum, BNT tokens and Pundi X. Again, this was withdrawn from the exchange’s hot wallet. But quick proactive measures ensured that all the funds were frozen.