Friday, January 24, 2025
HomecryptocurrencyCryptoCurrency Breaches and Hacking Scandals: How to Address them?

CryptoCurrency Breaches and Hacking Scandals: How to Address them?

Published on

SIEM as a Service

Follow Us on Google News

The proponents of cryptocurrency always harp on the point that it is very safe and secure and the blockchain technology that is used is virtually hacking proof. Let’s face it, even with the best technology you will have loopholes and there are people everywhere who wish to make a profit out of it.

Every small vulnerability is used to steal bitcoins or other cryptocurrencies. Making systems tighter is the way forward. Earlier only small crypto exchanges used to be affected, as the security was not up to the mark or the exchanges could not have the necessary security team in place.

Still, nowadays big crypto exchanges are also threatened by hacking and some big crypto exchanges have already fallen prey to it.

Over the years there have been crypto currency breaches and hacking scandals and a few of them are listed below:

Mt. Gox:

The first major cryptocurrency hack was the Mt. Gox hack. Mt. Gox was an exchange company located in Shibuya, in the Tokyo district (Japan).In 2014, after declaring bankruptcy, Mt. Gox announced that hackers stole $473 million in bitcoin. This was the first major security lapse and it also led to the downfall of Mt. Gox.

Bitstamp:

Bitstamp is a trading company, based in Luxembourg, with two Slovenian founders: NejcKodrič (CEO and co-founder) and DamijanMerlak (a member of the management board and co-founder). In January 2015 more than $5 million in Bitcoin was stolen from a storage wallet due to a system administrator getting affected by a phishing scam.

Bitfinex:

Also, a cryptocurrency exchange, Bitfinexis headquartered in Hong Kong but registered in the Virgin Islands. The company was hacked in 2015 and $72 million worth of Bitcoin was stolen. As usual, hackers had spotted a flaw in the exchange and exploited it.

Parity:

Parity offers a blockchain for Ethereum clients to use and guarantees security to its users. However, a while ago, a vulnerability was found in the Parity Wallet and white hat hackers (let’s call them the good guys) tried to save the funds in the Parity Multisig Wallet. However, black hat hackers (the unethical ones) had a field day and made away with upwards of $30 million in Ether.

Coincheck:

Hackers had a merry time stealing $530 million in cryptocurrency from this Japanese crypto exchange, founded by Koichiro Wada and Yusuke Otsuka. The hack happened in January of 2018 and the currency stolen was NEM tokens. Coincheck assured to pay the users who lost funds due to the breach.

Binance – CryptoCurrency:

Headquartered in Malta, Binance is a crypto exchange that provides a platform for over 100 cryptocurrencies.  In May 2019, more than $40 million worth of Bitcoin was stolen from this exchange by hackers. Their CEO, ChangpengZao, affirmed the intruders “used a variety of techniques, including phishing, viruses and other attacks”. Since then Binance has made a lot of improvements in this regard, e.g. significantly enhanced the security of its API, so third party tools like Binance trading bots can run safely, or expanded its Asset Insurance Fund for Users to $1 billion.

Steps to address the problem:

A big way to prevent these sorts of attacks is by having easy communication between crypto exchanges. Exchanges should be able to track funds that seem suspicious and should be able to freeze such transactions when an exchange communicates that a vulnerability has been breached. Many crypto exchanges such as eToro have great systems in place.

A good example is eToro. According to a recent eTororeview, the trading company has KYC policies and when you have KYC details it becomes easy to track funds and recover them. Most of the hacked cryptocurrencies are sent to other crypto exchanges before being moved, so communication will help to lessen the losses or to even recover the lost funds completely. With communication in place, wallets can be suspended immediately.

In fact, in 2018 four crypto exchanges in South Korea got together and created a hotline for communication. This was done to make sure that any suspicious transaction is detected as soon as possible and the word is got out to others to be aware as well as to freeze any transaction. It is believed to have really helped the exchanges.

A hotline to communicate should be created among all the crypto exchanges of the world so that hackers cannot steal and run away with the proceeds. Another point is that a database should be created of wallets and transactions that are suspicious and these should be communicated to all exchanges.

In short, cryptocurrencies have their share of problems and hackers have shown that they can hack it too. Apart from the above-mentioned points, all exchanges should store the same amount of funds which is in their hot wallets as insurance in their cold wallets.

Hot wallets are prone to hacking as they are online but cold wallets are not connected to the internet and hence safe. If an attack occurs on a hot wallet the exchange can continue running while the other systems try to minimize the losses as they will have an insurance fund in their cold wallets.

Source & credits

This article provided to www.gbhackers.com by Thyagarajan Gopalakrishnan. All the Content of this Article Belongs to Original Author. GBHackers on Security won’t take any credits.

Latest articles

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Malicious Solana Packages Attacking Devs Abusing Slack And ImgBB For Data Theft

Malicious packages "solanacore," "solana login," and "walletcore-gen" on npmjs target Solana developers with Windows...

PHP Servers Vulnerability Exploited To Inject PacketCrypt Cryptocurrency Miner

Researchers observed a URL attempts to exploit a server-side vulnerability by executing multiple commands...

The Defender vs. The Attacker Game

The researcher proposes a game-theoretic approach to analyze the interaction between the model defender...