According to some news that reached different crypto news sites, the DX.Exchange experienced serious security weaknesses that could have affected users’ funds. The DX.Exchange was launched just a few days ago. However, in a recent blog post, the company explains that they were able to successfully patch an important security vulnerability.
This vulnerability was related to an authentication token error, but the platform was able to provide a fast solution to this issue. That means that there are no current threats to users, according to the exchange.
#DX.Exchange has successfully patched and shut down a security vulnerability, resulting from an authentication token error. DX responded immediately, by introducing a security patch, preventing any threat to users and their funds. Read the full story at https://t.co/FxB7pbtnoy
— DX.Exchange (@DXdotExchange) January 10, 2019
Daniel Skowronski, the CEO of the DX.Exhcange thanked the reporter that provided information about this issue and the community that was able to act fast in such a situation.
About it, Skowronski said:
“We are happy to report that the vulnerability has been successfully patched, and no user funds were compromised. Our launch was met with a stellar response from our community eager to trade cryptocurrencies and digital stocks. Customer funds were always safe, our multi-layer advanced monitoring and defence mechanism was able to avoid any further issue.”
At the same time, the company is currently opening a new DX.Exchange Bug Bounty program specifically designed for developers that are able to find and report bugs. The company will be giving in return discretionary compensation.
The new DX.Exchange is based in Estonia and was received very positively by the crypto market due to the fact that is launching tokenized U.S. equities on its platform and cryptocurrencies such as Bitcoin (BTC), Ether (ETH) or Cardano (ADA), among others.
This situation that happened to the exchange is currently being analyzed, but it has damaged the enthusiasm around the platform and the intention of improving the crypto space. The exchange has to be compliant with strict Anti-Money-Laundering (AML) and Know-Your-Customer (KYC) policies to operate in Estonia. Although they comply with these regulations, they do not have the necessary measures to protect this information.
Apparently, the trader that was able to discover this vulnerability said that he collected 100 tokens over 30 minutes. He explained that it was very easy to criminalize for any interested party.
If the hacked tokens have information about employees at the exchange or administrative access, attackers could have attacked users and stealing their funds after downloading the entire database from private servers.
This new crypto platform that offers U.S. equities on the blockchain, was not able to provide basic security to its users. This shows that security practices are still not the best among companies that seem to be respected.
Due to these kinds of situations, regulatory agencies have been taking further measures to protect investors and discourage them from entering the crypto market. If the crypto and blockchain space want to keep growing and evolving, companies will have to focus on security more than never before.