Pages:
Author

Topic: Crypto exchanges have to learn and improve on their security (Read 413 times)

jr. member
Activity: 280
Merit: 8
BTC Lover|Crypto Educator| We Grow by Learning!
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.

Any exchange that doesn't take security seriously, I don't know what they're in for anymore. At least all exchanges should have a protection fund and reserve ratio of about 201%
hero member
Activity: 1190
Merit: 599
I agree with you, online exchange sites will never be safe from hacking attacks because those who operate them are still humans, there have even been several cases where those who hacked the site were former employees. Therefore, it is highly recommended not to store large amounts of assets on crypto exchanges, they are very vulnerable, make the exchange only a place for you to trade but use a personal wallet to store your bitcoin assets.
Several centralized exchange ever hacked but trust and reputable with the owner there are not problem yet just take moment for close all withdrawing operation only before back to normal without several days. Huobi is not first exchange got hack looking on history with several top exchange before get the same cases but they can controlling well although loss fund keep operation and success recovery back to make all member fund keep secure.
Its important when holding an assets not in exchange or centralized exchange account, after trading and taking profit move your fund to personal wallet and hold there with your onw sell controlling private key, its not your coin saving in exchange account because they have full controlling when exchange got collapse like FTX not ability for withdrawing back our funds.
sr. member
Activity: 2338
Merit: 365
As good as the security they can improve or enhance, it's not make they 100% will never get hacked because online website are prone to get hacked.

Huobi isn't the only one exchange get hacked, centralized exchange already get hacked since 2011 [1] and every year there's always an exchange get hacked. So it means, all centralized exchange only waiting their turn to get hacked.


[1] https://bitcointalksearch.org/topic/hacked-exchanges-since-2011-5090869

I agree with you, online exchange sites will never be safe from hacking attacks because those who operate them are still humans, there have even been several cases where those who hacked the site were former employees. Therefore, it is highly recommended not to store large amounts of assets on crypto exchanges, they are very vulnerable, make the exchange only a place for you to trade but use a personal wallet to store your bitcoin assets.
legendary
Activity: 2492
Merit: 1145
Enterapp Pre-Sale Live - bit.ly/3UrMCWI
I agree that crypto exchanges must invest in better security, but there are also a couple of other things to note here. First, people must learn to only store what they're totally fine with losing on exchanges because a centralized platform is a risk not just due to possible hacks but also exit scams, mismanagement of customers' funds, etc. Second, crypto exchanges sometimes claim there was a hack, when in all likeliness it was an inside job that led to funds being stolen from customers.
I also stand with those who aren't sure KYC is that useful, especially in the context of security.
They did try their best actually when it comes to this matter because they are holding a lot of funds. It's just that robbers were sometimes too skillful to still access them. Sometimes an inside job can happen too. This is why it's important for the customer to follow the tips that you have said there.

About the KYC, I think it's only useful to combat money laundering. It was still an added risk on the customer's side because hackers can steal them. This is why many are against with it. Luckily there are still a couple of crypto exchanges who can allow their customers to use their platform without needing to undergo in a KYC verification process.
Exchanges has a lot of money and that is the obvious reason why hacker targets exchanges and other crypto projects. I believe that if you are a platform that holds large amount of things that has a value like crypto exchange, the first in the priority is security. A hacking incident on an exchange can put them into a burning pit not only that they can possibly have a financial burden but also the trust that their customer had put in them. No system is safe, there's always a way that hacker can intrude their system this is why exchanges need to prioritize updating their security.
legendary
Activity: 2044
Merit: 1075
Leading Crypto Sports Betting & Casino Platform
I agree that crypto exchanges must invest in better security, but there are also a couple of other things to note here. First, people must learn to only store what they're totally fine with losing on exchanges because a centralized platform is a risk not just due to possible hacks but also exit scams, mismanagement of customers' funds, etc. Second, crypto exchanges sometimes claim there was a hack, when in all likeliness it was an inside job that led to funds being stolen from customers.
I also stand with those who aren't sure KYC is that useful, especially in the context of security.
They did try their best actually when it comes to this matter because they are holding a lot of funds. It's just that robbers were sometimes too skillful to still access them. Sometimes an inside job can happen too. This is why it's important for the customer to follow the tips that you have said there.

About the KYC, I think it's only useful to combat money laundering. It was still an added risk on the customer's side because hackers can steal them. This is why many are against with it. Luckily there are still a couple of crypto exchanges who can allow their customers to use their platform without needing to undergo in a KYC verification process.
sr. member
Activity: 1274
Merit: 263
the sad thing is that there is a little to what these exchanges can do about this hacking in particular because the more you get secured the  more the hackers also get equipped and also i think most times it might be as a result of insider having an hand in the hacking maybe not everytime. hopefully we can get to the stage where the hacking will be a thing of the past in this space.
hero member
Activity: 2926
Merit: 722
DGbet.fun - Crypto Sportsbook
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

We don't need centralized exchange or other platforms for adoption to happen. Bitcoin is a decentralized cryptocurency and we'll get adoption in a decentralized manner. Kyc might be said to reduced fraudulent activity but we know that's not the main reason behind all centralized exchange been asked to implement them. They're getting implemented so the government can easily monitor our transaction whenever they want by just requesting the exchange to provide them access. People shouldn't be worried about all the hacks that's happening because if they do things rightly, they won't become victme. Those that are becoming victims are those been ignorant to advice as  they keep keeping their coins on exchange and other centralized platforms when it has been said many times to not store coins on exchange.

Quote
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remain attentive and prioritize their security.

They'll all have their share of the pie (hack) because they're centralized and just a copy of each other codes meaning if one can get exploited others too will get exploited. Don't trust any of them to store your coins on their platforms. If there's a need to use them, then just use them for the service they were created for which is to exchange and don't do any other things on the platforms. Ignore any juicy offering they're promising and keep your coin in a secured, open source, non custodial wallets and make the security of your investment your top priority instead of giving it to someone else who don't give a fuck about what happens to your coins but only giving fake promises to get more customers onto their exchange to make money.
So we do say that decentralized platforms would be the key on stopping this? I dont think so and just trying to look at on the other hand on what are the things lacking with these DEX'es which we do know that it

isnt something that could really be in line with fiat transactions or into those functions and benefits on what centralized platforms could give or deal with and this is why CEX would really be always that recommendable or really that being preferred due to this kind of reason. If you do really mind about being anonymous and decentralized then you could really be able to deal or make use with those current existing
decentralized platforms but of course it would really be having that kind of limited function and this is something that will really be that some people might not be that looking that it do really lacks with those
things that cex could be able to provide.

The most important thing that we should really bare in our mind is that we should not really make these platforms to act as our main wallets. On the time that hacking incident happens
then you wont really be losing all of your precious coins. We know that there's no such thing about 100% safe with our coins specially on platform wallets which we dont
able to have those PK access and with that alone then its impossible that you cant be able to assess on whats the right thing to be done.
legendary
Activity: 2408
Merit: 4282
eXch.cx - Automatic crypto Swap Exchange.
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

We don't need centralized exchange or other platforms for adoption to happen. Bitcoin is a decentralized cryptocurency and we'll get adoption in a decentralized manner. Kyc might be said to reduced fraudulent activity but we know that's not the main reason behind all centralized exchange been asked to implement them. They're getting implemented so the government can easily monitor our transaction whenever they want by just requesting the exchange to provide them access. People shouldn't be worried about all the hacks that's happening because if they do things rightly, they won't become victme. Those that are becoming victims are those been ignorant to advice as  they keep keeping their coins on exchange and other centralized platforms when it has been said many times to not store coins on exchange.

Quote
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remain attentive and prioritize their security.

They'll all have their share of the pie (hack) because they're centralized and just a copy of each other codes meaning if one can get exploited others too will get exploited. Don't trust any of them to store your coins on their platforms. If there's a need to use them, then just use them for the service they were created for which is to exchange and don't do any other things on the platforms. Ignore any juicy offering they're promising and keep your coin in a secured, open source, non custodial wallets and make the security of your investment your top priority instead of giving it to someone else who don't give a fuck about what happens to your coins but only giving fake promises to get more customers onto their exchange to make money.
full member
Activity: 868
Merit: 202
there is no secure platform on the internet, everything has the potential to be hacked and that includes centralized exchanges. even when centralized exchanges spend a lot of money on their security, there are always loopholes that can be exploited by hackers to hack into the system and steal these assets.

what is needed from these exchanges is how they can handle hacking on their platforms, what are their preventive measures or responsibilities after hacking, that is what users need most, because the responsibility of these exchange platforms is primarily in their service to users and also protect their image in the crypto world.
hero member
Activity: 1386
Merit: 731
Leading Crypto Sports Betting & Casino Platform
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.
Nope, Binance exchange was been hacked in 2019 [1] and in the previous year Binance Smart Chain got hacked [2] so no matter big the exchange, there's always a hacker able to hack it. The best is stay away against centralized exchange and learn how to use Bisq, also hold your coins in cold storage.


[1] https://www.cnbc.com/2019/05/08/binance-bitcoin-hack-over-40-million-of-cryptocurrency-stolen.html
[2] https://www.sangfor.com/blog/cybersecurity/binance-hack-technically-explained-heist-worth-usd570-million
Decentralized exchanges are certainly better in terms of security compared to centralized exchanges, but that doesn't mean everyone should avoid centralized exchanges. As long as they use centralized exchanges as intended (not for long-term asset storage) then they are safe to use. Imo, unsafe doesn't mean it shouldn't be used completely, it means they just have to care enough and avoid keeping money in their online account in the long term.

I believe in centralized exchanges to some extent, but when it comes to investments then I also still need to consider a wallet that gives me full custody. This is important despite me still using centralized exchanges regularly to trade.
hero member
Activity: 2366
Merit: 594
Investing in security is really the number one priority of those exchanges because that is the money we are talking about, and most of the blackhat hackers want it so having good security and no exploit is best. However the truth is that we can't predict it and most of those hackers and those maintaining the security are in race mode to find an exploit that can either be fixed as they found it or exploited. That is why investing in security infrastructure and a good team of cyber security professionals is required.

hero member
Activity: 742
Merit: 633
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.
Nope, Binance exchange was been hacked in 2019 [1] and in the previous year Binance Smart Chain got hacked [2] so no matter big the exchange, there's always a hacker able to hack it. The best is stay away against centralized exchange and learn how to use Bisq, also hold your coins in cold storage.


[1] https://www.cnbc.com/2019/05/08/binance-bitcoin-hack-over-40-million-of-cryptocurrency-stolen.html
[2] https://www.sangfor.com/blog/cybersecurity/binance-hack-technically-explained-heist-worth-usd570-million
hero member
Activity: 2744
Merit: 588
Scam and hack aren't the same thing. We are facing crypto hacking on the exchanges, and users have been suffering for that. I feel exchanges are using some security features to protect their funds. But hackers have been able to break their security system. Even the biggest exchange, Binance, also faces hacking issues. I don't think it's possible to prevent it completely. Because even if you use the most advanced security features, hackers will try to exploit them. Until you keep automating withdrawals, it's hard to prevent attacks. On the other hand, large numbers of withdrawals are impossible to handle manually. Exchanges need to struggle to find something where hackers are unable to break the security system; for example, hackers won't reverse Bitcoin transactions.

These exchanges should always update their security features because hacking tools are also getting sophisticated.
So their security team should be ahead of the game when it comes to this aspect of their business.
They may incur good amount of money but it will probably save them from potential bankruptcy because of these illegal actors in cyberspace.
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.
jr. member
Activity: 61
Merit: 6
Crypto exchanges will never be able to become 100 percent secure. It's just not possible, since it's an online site.
hero member
Activity: 2520
Merit: 783
They know how to secure their exchange its just hackers became more smarter than them that's why we see this hacking issues existing even if the exchange spend a lot of money for security measures. What's important matter there is we choose a big exchange when trading so that if this incident will happen to them they can give some assurance that no investors funds will get affected and all users can still access their funds without any issues.

Not only Houbi encounter such unfortunate attacks but rather also those top tier exchange like binance but what good happened there is they still standing strong and can able to operate even if issue like this happen to them. Its important for trader to be aware on this situation so that they may know on what to do next if situation like this might occur in future.
Exchanges will always experience increased risks due to their type of activity, they will always have vulnerabilities and hackers will try to repeat their attacks. To some extent, along with the increase in security, the capabilities of hackers also increase and it is impossible to take everything into account, sometimes protection can only be strengthened when you see where the vulnerability was.

In fact, I don't know if there are any exchanges that have never been hacked. What is important here is how quickly the defense service can react so that losses are minimal.

Not surprised about those attacks happened since many know that they have huge funds stored in their platform that's why they are the favorite target of hackers. This is the reason why we need to consider this topic since this hacking incident really exist and its good to choose the right platform with huge connections since if anything happen to them just like what happen on binance they can mitigate the attack and can make sure that funds is safe then they can return all of it to their site site users. I think all major exchange experience this hacking issue some of them survive the attack and some of them totally fall down because of financial issues happened after the attack they encounter.
sr. member
Activity: 602
Merit: 442
I buy all valid country Gift cards swiftly.
Over the pass, there have been several warnings about using centralized exchanges and anyone using it, is doing so at their own risk and that is why it has always been advised that our funds shouldn't be stored on exchanges but rather be used for it's purposes of exchange.
I agree with you op about exchanges investing more on security because there definitely so much to loss if security isn't taken as a priority.
But on the other hand, I think alot of these exchanges are already doing so much to handle their security sector and I really wouldn't blame them because these scammers and criminals will never stop doing their best to steal and stile at any slightest opportunity they get.

Most times I wouldn't have to blame these exchanges but rather blames those who get scammed on their platforms because at the end of the day you'll noticed that they at some point failed to follow instructions and maybe traded outside of the exchange or clocked on a random link and these things have been warned against even on the exchanges and I'm actually saying this from my personal experience with paxful after been scammed.
hero member
Activity: 3024
Merit: 745
Top Crypto Casino
Many times exchanges have always been targeted since they're like honeypot in the eyes of the hackers. I do believe that they are investing in security but it's probably like that it's not just enough to protect themselves and their customer's money. Maybe there's just a point of time that the hacker just seen a very small hole and opportunity and able to get in through that. Sometimes, these hacks could be a collaborated job done with the help of some of their employees that has access to the critical part of the operations, I dunno but that's possible. While they're taking hundred of millions of deposits to billions on their volumes, I do think that they're doing regular routine of checking everything related to their security.
legendary
Activity: 2394
Merit: 2223
Signature space for rent
Scam and hack aren't the same thing. We are facing crypto hacking on the exchanges, and users have been suffering for that. I feel exchanges are using some security features to protect their funds. But hackers have been able to break their security system. Even the biggest exchange, Binance, also faces hacking issues. I don't think it's possible to prevent it completely. Because even if you use the most advanced security features, hackers will try to exploit them. Until you keep automating withdrawals, it's hard to prevent attacks. On the other hand, large numbers of withdrawals are impossible to handle manually. Exchanges need to struggle to find something where hackers are unable to break the security system; for example, hackers won't reverse Bitcoin transactions.
sr. member
Activity: 854
Merit: 364
I ❤️Bitcoin
The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report
It's not new that exchanges like Huobi have experienced attacks resulting in millions of dollars being stolen. Such incidents continue to happen regularly, and when we look at the past, there are numerous significant and well-known exchanges that have faced security breaches. Even top exchanges are targeted by cybercriminals.
These hackers often target exchanges because they have open-source code libraries, making it easier for them to exploit vulnerabilities and compromise the assets of thousands of users. Therefore, taking additional security measures is essential because these incidents are on the rise and lead to more complexities in dealing with illegal activities.
Additionally, I have a list of all the hacked exchanges due to their vulnerabilities that have fallen victim to such incidents. Here's the list for reference:
10 Biggest Crypto Exchange Hacks
1. Mt. Gox (2011)
2. KuCoin (2020)
3. Upbit (2019)
4. BINANCE (2019)
5. Bitfinex (2016)
6. CRYPTOPIA (2019)
7. ZAIF (2018)
8. BANCOR (2018)
9. COINCHECK (2018)
10. COINBENE (2019)
hero member
Activity: 1834
Merit: 879
Rollbit.com ⚔️Crypto Futures
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
Imo I think KYC should just be scrapped off altogether because firstly user data isn't usually handled well and secondly 2fa and email verification should be enough security & proof to show you own an account incase of a breach.

Besides, users aren't getting hacked, it's the exchanges themselves which need to work on enhanced security measures!

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.
With fake docs flooding the internet, I don't think KYC will reduce fraudulent activities, the best is having geolocks, IP whitelisting, and possibly phone number & sms verification as these might work better than KYC which removes the potential of exposing user data to unauthorised users.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.
Perhaps these exchanges need to talk to each other more to learn something from each other in regards to best security measures of not getting hacked.
Pages:
Jump to: