Topic: Crypto exchanges have to learn and improve on their security (Read 337 times)

Any exchange that doesn't take security seriously, I don't know what they're in for anymore. At least all exchanges should have a protection fund and reserve ratio of about 201%

Several centralized exchange ever hacked but trust and reputable with the owner there are not problem yet just take moment for close all withdrawing operation only before back to normal without several days. Huobi is not first exchange got hack looking on history with several top exchange before get the same cases but they can controlling well although loss fund keep operation and success recovery back to make all member fund keep secure.
Its important when holding an assets not in exchange or centralized exchange account, after trading and taking profit move your fund to personal wallet and hold there with your onw sell controlling private key, its not your coin saving in exchange account because they have full controlling when exchange got collapse like FTX not ability for withdrawing back our funds.

I agree with you, online exchange sites will never be safe from hacking attacks because those who operate them are still humans, there have even been several cases where those who hacked the site were former employees. Therefore, it is highly recommended not to store large amounts of assets on crypto exchanges, they are very vulnerable, make the exchange only a place for you to trade but use a personal wallet to store your bitcoin assets.

Exchanges has a lot of money and that is the obvious reason why hacker targets exchanges and other crypto projects. I believe that if you are a platform that holds large amount of things that has a value like crypto exchange, the first in the priority is security. A hacking incident on an exchange can put them into a burning pit not only that they can possibly have a financial burden but also the trust that their customer had put in them. No system is safe, there's always a way that hacker can intrude their system this is why exchanges need to prioritize updating their security.

They did try their best actually when it comes to this matter because they are holding a lot of funds. It's just that robbers were sometimes too skillful to still access them. Sometimes an inside job can happen too. This is why it's important for the customer to follow the tips that you have said there.

About the KYC, I think it's only useful to combat money laundering. It was still an added risk on the customer's side because hackers can steal them. This is why many are against with it. Luckily there are still a couple of crypto exchanges who can allow their customers to use their platform without needing to undergo in a KYC verification process.

the sad thing is that there is a little to what these exchanges can do about this hacking in particular because the more you get secured the  more the hackers also get equipped and also i think most times it might be as a result of insider having an hand in the hacking maybe not everytime. hopefully we can get to the stage where the hacking will be a thing of the past in this space.

So we do say that decentralized platforms would be the key on stopping this? I dont think so and just trying to look at on the other hand on what are the things lacking with these DEX'es which we do know that it

isnt something that could really be in line with fiat transactions or into those functions and benefits on what centralized platforms could give or deal with and this is why CEX would really be always that recommendable or really that being preferred due to this kind of reason. If you do really mind about being anonymous and decentralized then you could really be able to deal or make use with those current existing
decentralized platforms but of course it would really be having that kind of limited function and this is something that will really be that some people might not be that looking that it do really lacks with those
things that cex could be able to provide.

The most important thing that we should really bare in our mind is that we should not really make these platforms to act as our main wallets. On the time that hacking incident happens
then you wont really be losing all of your precious coins. We know that there's no such thing about 100% safe with our coins specially on platform wallets which we dont
able to have those PK access and with that alone then its impossible that you cant be able to assess on whats the right thing to be done.

We don't need centralized exchange or other platforms for adoption to happen. Bitcoin is a decentralized cryptocurency and we'll get adoption in a decentralized manner. Kyc might be said to reduced fraudulent activity but we know that's not the main reason behind all centralized exchange been asked to implement them. They're getting implemented so the government can easily monitor our transaction whenever they want by just requesting the exchange to provide them access. People shouldn't be worried about all the hacks that's happening because if they do things rightly, they won't become victme. Those that are becoming victims are those been ignorant to advice as  they keep keeping their coins on exchange and other centralized platforms when it has been said many times to not store coins on exchange.


They'll all have their share of the pie (hack) because they're centralized and just a copy of each other codes meaning if one can get exploited others too will get exploited. Don't trust any of them to store your coins on their platforms. If there's a need to use them, then just use them for the service they were created for which is to exchange and don't do any other things on the platforms. Ignore any juicy offering they're promising and keep your coin in a secured, open source, non custodial wallets and make the security of your investment your top priority instead of giving it to someone else who don't give a fuck about what happens to your coins but only giving fake promises to get more customers onto their exchange to make money.

there is no secure platform on the internet, everything has the potential to be hacked and that includes centralized exchanges. even when centralized exchanges spend a lot of money on their security, there are always loopholes that can be exploited by hackers to hack into the system and steal these assets.

what is needed from these exchanges is how they can handle hacking on their platforms, what are their preventive measures or responsibilities after hacking, that is what users need most, because the responsibility of these exchange platforms is primarily in their service to users and also protect their image in the crypto world.

Decentralized exchanges are certainly better in terms of security compared to centralized exchanges, but that doesn't mean everyone should avoid centralized exchanges. As long as they use centralized exchanges as intended (not for long-term asset storage) then they are safe to use. Imo, unsafe doesn't mean it shouldn't be used completely, it means they just have to care enough and avoid keeping money in their online account in the long term.

I believe in centralized exchanges to some extent, but when it comes to investments then I also still need to consider a wallet that gives me full custody. This is important despite me still using centralized exchanges regularly to trade.

Investing in security is really the number one priority of those exchanges because that is the money we are talking about, and most of the blackhat hackers want it so having good security and no exploit is best. However the truth is that we can't predict it and most of those hackers and those maintaining the security are in race mode to find an exploit that can either be fixed as they found it or exploited. That is why investing in security infrastructure and a good team of cyber security professionals is required.

Nope, Binance exchange was been hacked in 2019 [1] and in the previous year Binance Smart Chain got hacked [2] so no matter big the exchange, there's always a hacker able to hack it. The best is stay away against centralized exchange and learn how to use Bisq, also hold your coins in cold storage.

---

[1] https://www.cnbc.com/2019/05/08/binance-bitcoin-hack-over-40-million-of-cryptocurrency-stolen.html
[2] https://www.sangfor.com/blog/cybersecurity/binance-hack-technically-explained-heist-worth-usd570-million

These exchanges should always update their security features because hacking tools are also getting sophisticated.
So their security team should be ahead of the game when it comes to this aspect of their business.
They may incur good amount of money but it will probably save them from potential bankruptcy because of these illegal actors in cyberspace.
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.

Crypto exchanges will never be able to become 100 percent secure. It's just not possible, since it's an online site.

Not surprised about those attacks happened since many know that they have huge funds stored in their platform that's why they are the favorite target of hackers. This is the reason why we need to consider this topic since this hacking incident really exist and its good to choose the right platform with huge connections since if anything happen to them just like what happen on binance they can mitigate the attack and can make sure that funds is safe then they can return all of it to their site site users. I think all major exchange experience this hacking issue some of them survive the attack and some of them totally fall down because of financial issues happened after the attack they encounter.

Over the pass, there have been several warnings about using centralized exchanges and anyone using it, is doing so at their own risk and that is why it has always been advised that our funds shouldn't be stored on exchanges but rather be used for it's purposes of exchange.
I agree with you op about exchanges investing more on security because there definitely so much to loss if security isn't taken as a priority.
But on the other hand, I think alot of these exchanges are already doing so much to handle their security sector and I really wouldn't blame them because these scammers and criminals will never stop doing their best to steal and stile at any slightest opportunity they get.

Most times I wouldn't have to blame these exchanges but rather blames those who get scammed on their platforms because at the end of the day you'll noticed that they at some point failed to follow instructions and maybe traded outside of the exchange or clocked on a random link and these things have been warned against even on the exchanges and I'm actually saying this from my personal experience with paxful after been scammed.

Many times exchanges have always been targeted since they're like honeypot in the eyes of the hackers. I do believe that they are investing in security but it's probably like that it's not just enough to protect themselves and their customer's money. Maybe there's just a point of time that the hacker just seen a very small hole and opportunity and able to get in through that. Sometimes, these hacks could be a collaborated job done with the help of some of their employees that has access to the critical part of the operations, I dunno but that's possible. While they're taking hundred of millions of deposits to billions on their volumes, I do think that they're doing regular routine of checking everything related to their security.

Scam and hack aren't the same thing. We are facing crypto hacking on the exchanges, and users have been suffering for that. I feel exchanges are using some security features to protect their funds. But hackers have been able to break their security system. Even the biggest exchange, Binance, also faces hacking issues. I don't think it's possible to prevent it completely. Because even if you use the most advanced security features, hackers will try to exploit them. Until you keep automating withdrawals, it's hard to prevent attacks. On the other hand, large numbers of withdrawals are impossible to handle manually. Exchanges need to struggle to find something where hackers are unable to break the security system; for example, hackers won't reverse Bitcoin transactions.

It's not new that exchanges like Huobi have experienced attacks resulting in millions of dollars being stolen. Such incidents continue to happen regularly, and when we look at the past, there are numerous significant and well-known exchanges that have faced security breaches. Even top exchanges are targeted by cybercriminals.
These hackers often target exchanges because they have open-source code libraries, making it easier for them to exploit vulnerabilities and compromise the assets of thousands of users. Therefore, taking additional security measures is essential because these incidents are on the rise and lead to more complexities in dealing with illegal activities.
Additionally, I have a list of all the hacked exchanges due to their vulnerabilities that have fallen victim to such incidents. Here's the list for reference:
10 Biggest Crypto Exchange Hacks
1. Mt. Gox (2011)
2. KuCoin (2020)
3. Upbit (2019)
4. BINANCE (2019)
5. Bitfinex (2016)
6. CRYPTOPIA (2019)
7. ZAIF (2018)
8. BANCOR (2018)
9. COINCHECK (2018)
10. COINBENE (2019)

Imo I think KYC should just be scrapped off altogether because firstly user data isn't usually handled well and secondly 2fa and email verification should be enough security & proof to show you own an account incase of a breach.

Besides, users aren't getting hacked, it's the exchanges themselves which need to work on enhanced security measures!

With fake docs flooding the internet, I don't think KYC will reduce fraudulent activities, the best is having geolocks, IP whitelisting, and possibly phone number & sms verification as these might work better than KYC which removes the potential of exposing user data to unauthorised users.

Perhaps these exchanges need to talk to each other more to learn something from each other in regards to best security measures of not getting hacked.