Author

Topic: Crypto exchanges have to learn and improve on their security (Read 413 times)

jr. member
Activity: 280
Merit: 8
BTC Lover|Crypto Educator| We Grow by Learning!
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.

Any exchange that doesn't take security seriously, I don't know what they're in for anymore. At least all exchanges should have a protection fund and reserve ratio of about 201%
hero member
Activity: 1190
Merit: 599
I agree with you, online exchange sites will never be safe from hacking attacks because those who operate them are still humans, there have even been several cases where those who hacked the site were former employees. Therefore, it is highly recommended not to store large amounts of assets on crypto exchanges, they are very vulnerable, make the exchange only a place for you to trade but use a personal wallet to store your bitcoin assets.
Several centralized exchange ever hacked but trust and reputable with the owner there are not problem yet just take moment for close all withdrawing operation only before back to normal without several days. Huobi is not first exchange got hack looking on history with several top exchange before get the same cases but they can controlling well although loss fund keep operation and success recovery back to make all member fund keep secure.
Its important when holding an assets not in exchange or centralized exchange account, after trading and taking profit move your fund to personal wallet and hold there with your onw sell controlling private key, its not your coin saving in exchange account because they have full controlling when exchange got collapse like FTX not ability for withdrawing back our funds.
sr. member
Activity: 2338
Merit: 365
As good as the security they can improve or enhance, it's not make they 100% will never get hacked because online website are prone to get hacked.

Huobi isn't the only one exchange get hacked, centralized exchange already get hacked since 2011 [1] and every year there's always an exchange get hacked. So it means, all centralized exchange only waiting their turn to get hacked.


[1] https://bitcointalksearch.org/topic/hacked-exchanges-since-2011-5090869

I agree with you, online exchange sites will never be safe from hacking attacks because those who operate them are still humans, there have even been several cases where those who hacked the site were former employees. Therefore, it is highly recommended not to store large amounts of assets on crypto exchanges, they are very vulnerable, make the exchange only a place for you to trade but use a personal wallet to store your bitcoin assets.
legendary
Activity: 2492
Merit: 1145
Enterapp Pre-Sale Live - bit.ly/3UrMCWI
I agree that crypto exchanges must invest in better security, but there are also a couple of other things to note here. First, people must learn to only store what they're totally fine with losing on exchanges because a centralized platform is a risk not just due to possible hacks but also exit scams, mismanagement of customers' funds, etc. Second, crypto exchanges sometimes claim there was a hack, when in all likeliness it was an inside job that led to funds being stolen from customers.
I also stand with those who aren't sure KYC is that useful, especially in the context of security.
They did try their best actually when it comes to this matter because they are holding a lot of funds. It's just that robbers were sometimes too skillful to still access them. Sometimes an inside job can happen too. This is why it's important for the customer to follow the tips that you have said there.

About the KYC, I think it's only useful to combat money laundering. It was still an added risk on the customer's side because hackers can steal them. This is why many are against with it. Luckily there are still a couple of crypto exchanges who can allow their customers to use their platform without needing to undergo in a KYC verification process.
Exchanges has a lot of money and that is the obvious reason why hacker targets exchanges and other crypto projects. I believe that if you are a platform that holds large amount of things that has a value like crypto exchange, the first in the priority is security. A hacking incident on an exchange can put them into a burning pit not only that they can possibly have a financial burden but also the trust that their customer had put in them. No system is safe, there's always a way that hacker can intrude their system this is why exchanges need to prioritize updating their security.
legendary
Activity: 2044
Merit: 1075
Leading Crypto Sports Betting & Casino Platform
I agree that crypto exchanges must invest in better security, but there are also a couple of other things to note here. First, people must learn to only store what they're totally fine with losing on exchanges because a centralized platform is a risk not just due to possible hacks but also exit scams, mismanagement of customers' funds, etc. Second, crypto exchanges sometimes claim there was a hack, when in all likeliness it was an inside job that led to funds being stolen from customers.
I also stand with those who aren't sure KYC is that useful, especially in the context of security.
They did try their best actually when it comes to this matter because they are holding a lot of funds. It's just that robbers were sometimes too skillful to still access them. Sometimes an inside job can happen too. This is why it's important for the customer to follow the tips that you have said there.

About the KYC, I think it's only useful to combat money laundering. It was still an added risk on the customer's side because hackers can steal them. This is why many are against with it. Luckily there are still a couple of crypto exchanges who can allow their customers to use their platform without needing to undergo in a KYC verification process.
sr. member
Activity: 1274
Merit: 263
the sad thing is that there is a little to what these exchanges can do about this hacking in particular because the more you get secured the  more the hackers also get equipped and also i think most times it might be as a result of insider having an hand in the hacking maybe not everytime. hopefully we can get to the stage where the hacking will be a thing of the past in this space.
hero member
Activity: 2926
Merit: 722
DGbet.fun - Crypto Sportsbook
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

We don't need centralized exchange or other platforms for adoption to happen. Bitcoin is a decentralized cryptocurency and we'll get adoption in a decentralized manner. Kyc might be said to reduced fraudulent activity but we know that's not the main reason behind all centralized exchange been asked to implement them. They're getting implemented so the government can easily monitor our transaction whenever they want by just requesting the exchange to provide them access. People shouldn't be worried about all the hacks that's happening because if they do things rightly, they won't become victme. Those that are becoming victims are those been ignorant to advice as  they keep keeping their coins on exchange and other centralized platforms when it has been said many times to not store coins on exchange.

Quote
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remain attentive and prioritize their security.

They'll all have their share of the pie (hack) because they're centralized and just a copy of each other codes meaning if one can get exploited others too will get exploited. Don't trust any of them to store your coins on their platforms. If there's a need to use them, then just use them for the service they were created for which is to exchange and don't do any other things on the platforms. Ignore any juicy offering they're promising and keep your coin in a secured, open source, non custodial wallets and make the security of your investment your top priority instead of giving it to someone else who don't give a fuck about what happens to your coins but only giving fake promises to get more customers onto their exchange to make money.
So we do say that decentralized platforms would be the key on stopping this? I dont think so and just trying to look at on the other hand on what are the things lacking with these DEX'es which we do know that it

isnt something that could really be in line with fiat transactions or into those functions and benefits on what centralized platforms could give or deal with and this is why CEX would really be always that recommendable or really that being preferred due to this kind of reason. If you do really mind about being anonymous and decentralized then you could really be able to deal or make use with those current existing
decentralized platforms but of course it would really be having that kind of limited function and this is something that will really be that some people might not be that looking that it do really lacks with those
things that cex could be able to provide.

The most important thing that we should really bare in our mind is that we should not really make these platforms to act as our main wallets. On the time that hacking incident happens
then you wont really be losing all of your precious coins. We know that there's no such thing about 100% safe with our coins specially on platform wallets which we dont
able to have those PK access and with that alone then its impossible that you cant be able to assess on whats the right thing to be done.
legendary
Activity: 2408
Merit: 4282
eXch.cx - Automatic crypto Swap Exchange.
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

We don't need centralized exchange or other platforms for adoption to happen. Bitcoin is a decentralized cryptocurency and we'll get adoption in a decentralized manner. Kyc might be said to reduced fraudulent activity but we know that's not the main reason behind all centralized exchange been asked to implement them. They're getting implemented so the government can easily monitor our transaction whenever they want by just requesting the exchange to provide them access. People shouldn't be worried about all the hacks that's happening because if they do things rightly, they won't become victme. Those that are becoming victims are those been ignorant to advice as  they keep keeping their coins on exchange and other centralized platforms when it has been said many times to not store coins on exchange.

Quote
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remain attentive and prioritize their security.

They'll all have their share of the pie (hack) because they're centralized and just a copy of each other codes meaning if one can get exploited others too will get exploited. Don't trust any of them to store your coins on their platforms. If there's a need to use them, then just use them for the service they were created for which is to exchange and don't do any other things on the platforms. Ignore any juicy offering they're promising and keep your coin in a secured, open source, non custodial wallets and make the security of your investment your top priority instead of giving it to someone else who don't give a fuck about what happens to your coins but only giving fake promises to get more customers onto their exchange to make money.
full member
Activity: 868
Merit: 202
there is no secure platform on the internet, everything has the potential to be hacked and that includes centralized exchanges. even when centralized exchanges spend a lot of money on their security, there are always loopholes that can be exploited by hackers to hack into the system and steal these assets.

what is needed from these exchanges is how they can handle hacking on their platforms, what are their preventive measures or responsibilities after hacking, that is what users need most, because the responsibility of these exchange platforms is primarily in their service to users and also protect their image in the crypto world.
hero member
Activity: 1386
Merit: 731
Leading Crypto Sports Betting & Casino Platform
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.
Nope, Binance exchange was been hacked in 2019 [1] and in the previous year Binance Smart Chain got hacked [2] so no matter big the exchange, there's always a hacker able to hack it. The best is stay away against centralized exchange and learn how to use Bisq, also hold your coins in cold storage.


[1] https://www.cnbc.com/2019/05/08/binance-bitcoin-hack-over-40-million-of-cryptocurrency-stolen.html
[2] https://www.sangfor.com/blog/cybersecurity/binance-hack-technically-explained-heist-worth-usd570-million
Decentralized exchanges are certainly better in terms of security compared to centralized exchanges, but that doesn't mean everyone should avoid centralized exchanges. As long as they use centralized exchanges as intended (not for long-term asset storage) then they are safe to use. Imo, unsafe doesn't mean it shouldn't be used completely, it means they just have to care enough and avoid keeping money in their online account in the long term.

I believe in centralized exchanges to some extent, but when it comes to investments then I also still need to consider a wallet that gives me full custody. This is important despite me still using centralized exchanges regularly to trade.
hero member
Activity: 2366
Merit: 594
Investing in security is really the number one priority of those exchanges because that is the money we are talking about, and most of the blackhat hackers want it so having good security and no exploit is best. However the truth is that we can't predict it and most of those hackers and those maintaining the security are in race mode to find an exploit that can either be fixed as they found it or exploited. That is why investing in security infrastructure and a good team of cyber security professionals is required.

hero member
Activity: 742
Merit: 633
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.
Nope, Binance exchange was been hacked in 2019 [1] and in the previous year Binance Smart Chain got hacked [2] so no matter big the exchange, there's always a hacker able to hack it. The best is stay away against centralized exchange and learn how to use Bisq, also hold your coins in cold storage.


[1] https://www.cnbc.com/2019/05/08/binance-bitcoin-hack-over-40-million-of-cryptocurrency-stolen.html
[2] https://www.sangfor.com/blog/cybersecurity/binance-hack-technically-explained-heist-worth-usd570-million
hero member
Activity: 2744
Merit: 588
Scam and hack aren't the same thing. We are facing crypto hacking on the exchanges, and users have been suffering for that. I feel exchanges are using some security features to protect their funds. But hackers have been able to break their security system. Even the biggest exchange, Binance, also faces hacking issues. I don't think it's possible to prevent it completely. Because even if you use the most advanced security features, hackers will try to exploit them. Until you keep automating withdrawals, it's hard to prevent attacks. On the other hand, large numbers of withdrawals are impossible to handle manually. Exchanges need to struggle to find something where hackers are unable to break the security system; for example, hackers won't reverse Bitcoin transactions.

These exchanges should always update their security features because hacking tools are also getting sophisticated.
So their security team should be ahead of the game when it comes to this aspect of their business.
They may incur good amount of money but it will probably save them from potential bankruptcy because of these illegal actors in cyberspace.
As you mentioned, even binance is no exception. But I highly believe, they have very good security system to counter attack possible threats.
jr. member
Activity: 61
Merit: 6
Crypto exchanges will never be able to become 100 percent secure. It's just not possible, since it's an online site.
hero member
Activity: 2520
Merit: 783
They know how to secure their exchange its just hackers became more smarter than them that's why we see this hacking issues existing even if the exchange spend a lot of money for security measures. What's important matter there is we choose a big exchange when trading so that if this incident will happen to them they can give some assurance that no investors funds will get affected and all users can still access their funds without any issues.

Not only Houbi encounter such unfortunate attacks but rather also those top tier exchange like binance but what good happened there is they still standing strong and can able to operate even if issue like this happen to them. Its important for trader to be aware on this situation so that they may know on what to do next if situation like this might occur in future.
Exchanges will always experience increased risks due to their type of activity, they will always have vulnerabilities and hackers will try to repeat their attacks. To some extent, along with the increase in security, the capabilities of hackers also increase and it is impossible to take everything into account, sometimes protection can only be strengthened when you see where the vulnerability was.

In fact, I don't know if there are any exchanges that have never been hacked. What is important here is how quickly the defense service can react so that losses are minimal.

Not surprised about those attacks happened since many know that they have huge funds stored in their platform that's why they are the favorite target of hackers. This is the reason why we need to consider this topic since this hacking incident really exist and its good to choose the right platform with huge connections since if anything happen to them just like what happen on binance they can mitigate the attack and can make sure that funds is safe then they can return all of it to their site site users. I think all major exchange experience this hacking issue some of them survive the attack and some of them totally fall down because of financial issues happened after the attack they encounter.
sr. member
Activity: 602
Merit: 442
I buy all valid country Gift cards swiftly.
Over the pass, there have been several warnings about using centralized exchanges and anyone using it, is doing so at their own risk and that is why it has always been advised that our funds shouldn't be stored on exchanges but rather be used for it's purposes of exchange.
I agree with you op about exchanges investing more on security because there definitely so much to loss if security isn't taken as a priority.
But on the other hand, I think alot of these exchanges are already doing so much to handle their security sector and I really wouldn't blame them because these scammers and criminals will never stop doing their best to steal and stile at any slightest opportunity they get.

Most times I wouldn't have to blame these exchanges but rather blames those who get scammed on their platforms because at the end of the day you'll noticed that they at some point failed to follow instructions and maybe traded outside of the exchange or clocked on a random link and these things have been warned against even on the exchanges and I'm actually saying this from my personal experience with paxful after been scammed.
hero member
Activity: 3024
Merit: 745
Top Crypto Casino
Many times exchanges have always been targeted since they're like honeypot in the eyes of the hackers. I do believe that they are investing in security but it's probably like that it's not just enough to protect themselves and their customer's money. Maybe there's just a point of time that the hacker just seen a very small hole and opportunity and able to get in through that. Sometimes, these hacks could be a collaborated job done with the help of some of their employees that has access to the critical part of the operations, I dunno but that's possible. While they're taking hundred of millions of deposits to billions on their volumes, I do think that they're doing regular routine of checking everything related to their security.
legendary
Activity: 2394
Merit: 2223
Signature space for rent
Scam and hack aren't the same thing. We are facing crypto hacking on the exchanges, and users have been suffering for that. I feel exchanges are using some security features to protect their funds. But hackers have been able to break their security system. Even the biggest exchange, Binance, also faces hacking issues. I don't think it's possible to prevent it completely. Because even if you use the most advanced security features, hackers will try to exploit them. Until you keep automating withdrawals, it's hard to prevent attacks. On the other hand, large numbers of withdrawals are impossible to handle manually. Exchanges need to struggle to find something where hackers are unable to break the security system; for example, hackers won't reverse Bitcoin transactions.
sr. member
Activity: 854
Merit: 364
I ❤️Bitcoin
The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report
It's not new that exchanges like Huobi have experienced attacks resulting in millions of dollars being stolen. Such incidents continue to happen regularly, and when we look at the past, there are numerous significant and well-known exchanges that have faced security breaches. Even top exchanges are targeted by cybercriminals.
These hackers often target exchanges because they have open-source code libraries, making it easier for them to exploit vulnerabilities and compromise the assets of thousands of users. Therefore, taking additional security measures is essential because these incidents are on the rise and lead to more complexities in dealing with illegal activities.
Additionally, I have a list of all the hacked exchanges due to their vulnerabilities that have fallen victim to such incidents. Here's the list for reference:
10 Biggest Crypto Exchange Hacks
1. Mt. Gox (2011)
2. KuCoin (2020)
3. Upbit (2019)
4. BINANCE (2019)
5. Bitfinex (2016)
6. CRYPTOPIA (2019)
7. ZAIF (2018)
8. BANCOR (2018)
9. COINCHECK (2018)
10. COINBENE (2019)
hero member
Activity: 1834
Merit: 879
Rollbit.com ⚔️Crypto Futures
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
Imo I think KYC should just be scrapped off altogether because firstly user data isn't usually handled well and secondly 2fa and email verification should be enough security & proof to show you own an account incase of a breach.

Besides, users aren't getting hacked, it's the exchanges themselves which need to work on enhanced security measures!

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.
With fake docs flooding the internet, I don't think KYC will reduce fraudulent activities, the best is having geolocks, IP whitelisting, and possibly phone number & sms verification as these might work better than KYC which removes the potential of exposing user data to unauthorised users.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.
Perhaps these exchanges need to talk to each other more to learn something from each other in regards to best security measures of not getting hacked.
sr. member
Activity: 1008
Merit: 366
Exchanges are just a huge target for hackers, scammers and even governments, so anyone that wants to use them should do so with a very clear intent, which is to buy and sell whatever they need and then send their coins out of the exchange.

Such a thing should take just a few minutes and this will reduce the chances of losing your coins dramatically, however very few people do this as they prefer to save themselves a few dollars and keep their coins in their favorite exchange, not understanding the massive risk they are taking by doing this.

Buy-sell is not the only thing you do in exchanges. It is a useful thing but most people use centralized exchanges in order to trade. As you might have already guessed, it takes time. One open trade could stay open for weeks to months. In this situation, centralized exchanges are needed. You are required to keep your assets in them if you wish to trade. So in some cases, we are bound to keep our assets in those platforms. But that's just it. You should never keep anything extra than what you need.

Other things could be done using a decentralized platform. And guess what, now decentralized platforms are available for future trades too. We should move to those platforms. But as everything is connected to the internet, nothing is safe. So we need to protect ourselves in our own ways.
hero member
Activity: 1316
Merit: 561
Leading Crypto Sports Betting & Casino Platform
I totally get your worries about crypto security? Totally get it. Its real, the fear. People, me too, are on edge. Scams? Hacks? Big, real threats. Just like that Houbi mess.

KYC? Its doing something, at least. Cutting down the bad stuff. But yeah, gotta jack up that security. Make it strong, unbreakable. People want to feel safe, right? If they do, boom! Everyone’s gonna want in. Cant just be tech-smart, gotta be safe-smart too.

KYC might be a pain, sure. But hey, its moving towards safer grounds. Time to shout out for tougher exchange security. No more waiting. No more Houbi-like wake-up calls. Time to move, and move now. For the sake of our assets, our peace. We need it, bad.
full member
Activity: 938
Merit: 108
OrangeFren.com
You know the hackers are also his enemies; they are also hackers. The only difference is that good hackers use their skills in the bad plans that hackers do. That's why, on the well-known CEX platforms, the ones they hire as protectors of their platforms are the people who have the ability to block or suppress bad hackers.

Now, the bad hackers are not only focused on the CEX platform but also on the DEX. As long as they have a chance to enter, they will attack it unexpectedly. So it can't really be said that KYC is an assurance that your assets are really safe on an exchange. But even so, that depends on the quality of security that an exchange still has.
legendary
Activity: 2100
Merit: 1340
They know how to secure their exchange its just hackers became more smarter than them that's why we see this hacking issues existing even if the exchange spend a lot of money for security measures. What's important matter there is we choose a big exchange when trading so that if this incident will happen to them they can give some assurance that no investors funds will get affected and all users can still access their funds without any issues.

Not only Houbi encounter such unfortunate attacks but rather also those top tier exchange like binance but what good happened there is they still standing strong and can able to operate even if issue like this happen to them. Its important for trader to be aware on this situation so that they may know on what to do next if situation like this might occur in future.
Exchanges will always experience increased risks due to their type of activity, they will always have vulnerabilities and hackers will try to repeat their attacks. To some extent, along with the increase in security, the capabilities of hackers also increase and it is impossible to take everything into account, sometimes protection can only be strengthened when you see where the vulnerability was.

In fact, I don't know if there are any exchanges that have never been hacked. What is important here is how quickly the defense service can react so that losses are minimal.
hero member
Activity: 2520
Merit: 783
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.

They know how to secure their exchange its just hackers became more smarter than them that's why we see this hacking issues existing even if the exchange spend a lot of money for security measures. What's important matter there is we choose a big exchange when trading so that if this incident will happen to them they can give some assurance that no investors funds will get affected and all users can still access their funds without any issues.

Not only Houbi encounter such unfortunate attacks but rather also those top tier exchange like binance but what good happened there is they still standing strong and can able to operate even if issue like this happen to them. Its important for trader to be aware on this situation so that they may know on what to do next if situation like this might occur in future.
hero member
Activity: 994
Merit: 701
The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Before the attack on Houbi, many other exchanges have been hacked before even the biggest exchange binanace have faced some potential hack before last year. If Binance can face such attacks, then I see no exchange that can escape that. In light of all this hacks, it is important that the security of such exchanges be improved to avoid those hackers of escaping with this monies hacked from those exchanges. Depending on how your technical team and security system of your exchange is, funds can be frozen immediately as in the case of Binance when it happened last year.

Quote
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.

Online exchanges are prone to attack at anytime that is why it is always advisable not to keep too much of your funds in those centralized exchanges. Only keep the little you want to use at that time in such exchange or don’t keep any there, but transfer there only when you want to exchange them.
hero member
Activity: 2114
Merit: 603
We should learn one more thing, have you ever heard or read news about forex exchanges that got hacked to this much gravity? I hardly think so. May be couple of cases due to human negligence or internal corruptions bu that too traceable considering they are having trail of centralisation. So why this is happening to crypto exchanges only? May be its more easy to get hacked and as OP stated they have very weak security aspects all the time. They also have KYC but they don’t have that much safety of their sites.

May be they have chance to state that we got hacked and now the money is lost because it was transferred by unknown bitcoin address and now there is no way to reverse it.

Sometimes it’s more fishy and looks like they do it intentionally.
jr. member
Activity: 280
Merit: 8
BTC Lover|Crypto Educator| We Grow by Learning!
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.


Yes, I agree with you OP. Exchanges should go the extra mile to protect users' funds. Like the article, I just came across and I am very impressed with what the exchange is doing. They are actually increasing the level of their security
legendary
Activity: 2492
Merit: 1215
The other side of the coin is - no matter how well crypto exchange improve their security, there is a chance that their CEO or other high management will perform exit scam. No matter how secured exchange is, your money still are not safe. Crypto exchange have to learn a lot, but users have to learn even more. Even if crypto exchange has most up-to-date security, user with one careless move would  throw that security to dumpyard.
hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

There are many valid reasons why centralized exchanges are not the best to live your coins, in short, an exchange is not a place to keep your coins, as the name implies, "exchange" which means to trade and not custodial but people are so daft to believe usernames, emails, strong password and 2FA is enough to give them high-level security, only a newbie that understands nothing about security and centralized exchanges will believe such cooked lies, your coins are not stored on exchanges but their own personal wallets while they only control the front end to have data of what is really going on in the exchange.

There is no security that is more secure than personalized one, centralized exchanges will remain the same because they have junks of money across different chain which always raises eyebrows from hackers, even if there is a high level of security, their privacy are low which make them vulnerable to attacks, people will always want to know where there coins and tokens are kept, this alone zero the level of privacy and the teams knowing much about the security details also makes them vulnerable to attack even if there is high level of security.

Quote
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.

Do you know the advantage of entrusting private keys to yourself, its because when you did the back and storage offline, nobody in this life except you alone knows how and where you kept and that makes you safe(if you did it professionally) but when two or more people do that, even with multi-sig, it gives room for suspicious of others, anyone can pull tricks just to outsmart the other person, and that is the problem of centralized exchanges, there is always backstabbing.

You see that Houbi hacked that just happened, it is not the first and neither will it be the last because centralized exchanges will always be open to mistakes as far as its organogram is concerned. Not your keys, not your coins.
sr. member
Activity: 952
Merit: 275
KYC can't reduce fraud activities on crypto exchanges because they are automatically centralized, whatever is going om in any centralized exchange are not hidden, they can be traced, ok why hasn't KYC helped with the FTX case? The only thing that KYC does better is prevention from criminal activities by the exchange users, maybe laundering money using the platform?

The Huobi attack is not a direct attack, because I have some money on the exchange when the hack happened, not a single cent of money was removed from my balance, as I went deep into more research, I came to understand that the hacker deceived the exchange users by pretending like the real huobi services.

CZ vows to get to the bottom of the this and he is starting to use his own security teams on this attack already, lets see how this will turn out, nothing in the crypto space is completely impenetrable, we only have to keep our heads up and prevent stupid mistakes from our sides.
hero member
Activity: 2464
Merit: 594
As they say, there's no perfect system. When security is enhanced or improved, hackers and scammers also find ways to bypass it, so they evolve as well. There's another point to consider – those who create anti-virus are the ones who make viruses, does that make sense?

What's more concerning than stolen assets is our data, our personal details, and our bank accounts. Because we can become victims of identity theft. If only coins/tokens are stolen from exchanges, they can possibly be recovered and compensated. But the KYC information we've submitted is now in their hands, and that's a different story.
hero member
Activity: 686
Merit: 987
Give all before death
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
The cryptocurrency financial sector is in its developmental stage so issues like hacks and scam projects will always occur. As old as the fiat banking system they still suffer from security breaches and scams. In 2022 banks in the US paid close to $1.2 billion ransomware payments. So these attacks are not limited to the crypto industry but as the sector grows, it's security will improve.

I don't think that the majority of people are comfortable with KYC because it is an arbitration of the concept of bitcoin. The only reason why people give out their KYC is because they have few options. In my country, centralized exchanges are the major means of dealing with Bitcoin this is due to the fact that we have limited P2p platforms.  It would not be a bad idea for exchanges to adopt current security measures to curb these attacks but some of them went bankrupt not because of attacks but mismanagement.

Quote
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured..
These attacks will not end automatically, in fact, they might always be a problem in the crypto sector. Adoption should be promoted using the right information. People should be aware that they can keep their money in a safe non-custodian wallet and be their bank. They should be taught how to protect their coins against hacks. We should let them know that keeping money in centralized platforms is riskier.
hero member
Activity: 2814
Merit: 734
Bitcoin is GOD
It's not only scams, hacks, or other data leaks, you should also be concerned about the platform itself. There are platforms popping out every now and then. They all require KYC or they will offer you this and that for successfully completing KYC verification. Some of them will collect the data and sell it to people for money.
Enhancing security means nothing. What I believe is that, if the right person chooses, then that person can hack it no matter what the security measures are. It's all about time. Once a person finds a loophole then they can hack it.

Now to keep ourselves safe, we need to do it personally. Our privacy is ours to keep. Centralized exchanges are required to some extent but it's not something that we can't live without. There are some other alternative decentralized platforms in existence. Maybe trying some from that list might help. But they are not immune to hacking or scams either. So my suggestion is, to only deposit what you need to work with. Otherwise, keep everything in a private wallet. Not your key, not your coin.
Exchanges are just a huge target for hackers, scammers and even governments, so anyone that wants to use them should do so with a very clear intent, which is to buy and sell whatever they need and then send their coins out of the exchange.

Such a thing should take just a few minutes and this will reduce the chances of losing your coins dramatically, however very few people do this as they prefer to save themselves a few dollars and keep their coins in their favorite exchange, not understanding the massive risk they are taking by doing this.
sr. member
Activity: 1008
Merit: 366
It's not only scams, hacks, or other data leaks, you should also be concerned about the platform itself. There are platforms popping out every now and then. They all require KYC or they will offer you this and that for successfully completing KYC verification. Some of them will collect the data and sell it to people for money.
Enhancing security means nothing. What I believe is that, if the right person chooses, then that person can hack it no matter what the security measures are. It's all about time. Once a person finds a loophole then they can hack it.

Now to keep ourselves safe, we need to do it personally. Our privacy is ours to keep. Centralized exchanges are required to some extent but it's not something that we can't live without. There are some other alternative decentralized platforms in existence. Maybe trying some from that list might help. But they are not immune to hacking or scams either. So my suggestion is, to only deposit what you need to work with. Otherwise, keep everything in a private wallet. Not your key, not your coin.
hero member
Activity: 1092
Merit: 747
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
Exchanges are meant for trading, and likewise, wallet for hodling coins, but just that most times people mistake what is meant to be done on an wallet on an exchange because of the presence of the wallet feature, which is why I think majority keep falling victims whenever there is a hack or security breach, which is ought not to be that way. So in regards to this, I think while we keep letting exchange know the importance while it's good to have an improved security, let's not forget to educate people also on the reason why it's very much important not to hold much funds on an exchange but a very secured non-custodial wallet where they can have access to the private key to their funds.
hero member
Activity: 994
Merit: 1089
You are right; the KYC was made so that fraudulent activity would be reduced and people could not scam others in p2p trades, etc.
Bisq is a p2p exchange, no kyc and no data required to trade on bisq, yet it is so difficult to scam your trading partner in the bisq network, except they do not know what they are doing. Bisq is so secure because funds are locked in a 2-of-2 multisig wallet, and the two traders control the keys during the trade. This is more effective to mitigate scam as you control your funds as you trade, you don't lose control of it like you do in Binance or Coinbase.
hero member
Activity: 770
Merit: 828
Leading Crypto Sports Betting & Casino Platform
Nothing can be 100% sure, there is always some way to get into anything unfortunately.

But seriously though, companies, sites and so handling other people's money should always have the highest priority to keep the costumers funds save. It is a real shame that sometimes, when big hacks or whatever occur these companies leave their costumers in the dark without any info or reimbursement.
Basically they say, bad timing, better luck next time.

There have been several gib hack in the past and it seems nothing has be learned from them. There is always a next one exploiting already knows leaks of security. Why that is even possible, I can't wrap my head around it.
hero member
Activity: 1414
Merit: 670
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.
Nothing can be perfect, many platforms have back doors that can lead hackers straight into the exchange, and hackers are now smarter than before. I am really amazed to see their hard work and how they proceed to make attempts. You are right; the KYC was made so that fraudulent activity would be reduced and people could not scam others in p2p trades, etc.

Still, KYC does not make any exchange vulnerable to hacks, but the back doors and out-of-date infrastructure of the platform and the lack of enthusiasm of the team make the platform vulnerable to hacks. And the Houbi exchange had some issues with liquidation, which was also discussed here.

I wanted to know which exchanges have not been hacked yet; you should write some examples. It would be helpful.
hero member
Activity: 994
Merit: 1089
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
With the high number of users who have registered on centralized exchanges and custodial services, you are right if you say majority of BTC users have undergone kyc, if they agree with it or welcome it? I do not know about that, but i know most BTC users choose centralized services over decentralized solutions like p2p exchanges, because they think it is more 'convenient'.

It goes without saying that you should not store your BTC's in a centralized exchange, they bite the dust too often and they use your money to make more money for themselves through fractional reserve scam. If you use p2p exchanges and self custodial wallets, you don't have to worry about what happens to centralized exchanges.
full member
Activity: 924
Merit: 148

Damn, I find it so funny this bullshit thread was translated into 13 languages. The arguments are incredibly dumb. And the the thread itself is so huge that I am impressed of the amount of work that has been done to make such a huge piece of shit.

but we should also ask these organizations on how effective have they been maintaining their websites security network, what attention are they giving it, how much do they spend in assuring this security measures.

You really expect to get the answer? Organizations can't publicly discuss the details on their security system as it is actually exposing it to hackers. Your funds are safu and this is it.
legendary
Activity: 3248
Merit: 1402
Join the world-leading crypto sportsbook NOW!
I agree that crypto exchanges must invest in better security, but there are also a couple of other things to note here. First, people must learn to only store what they're totally fine with losing on exchanges because a centralized platform is a risk not just due to possible hacks but also exit scams, mismanagement of customers' funds, etc. Second, crypto exchanges sometimes claim there was a hack, when in all likeliness it was an inside job that led to funds being stolen from customers.
I also stand with those who aren't sure KYC is that useful, especially in the context of security.
legendary
Activity: 1456
Merit: 1108
Top-tier crypto casino and sportsbook
~
You are always advised not to store your bitcoins on exchanges. As a step to ensure your personal security cold wallets are recommended for use because they are not connected to the internet and operate offline.

You should never fully trust exchanges no matter how big their name is because since almost everything is hackable, you will not know when hackers will decide to want to exploit security vulnerabilities that these exchanges are unable to detect on time or vulnerabilities that they choose to overlook.  
hero member
Activity: 994
Merit: 744
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
Most users who welcomed the KYC requirement on any exchange are those who like trading and are very sure that they will get the best trading futures on centralized exchanges. Not because KYC enhances security, but because I believe that doing KYC will only expose your privacy to the world, and once you submit KYC, you should just be prepared because your personal details might be sold out anytime.

Quote
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.
I don't believe that, because most exchanges that are getting hacked these days are all KYC exchanges, but if you have evidence, you can share it here on how doing KYC on an exchange enhances its security.

Quote
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.
The security we should patronize is to move our coins to our personal wallet that will not be under any third party since the hacking of Centralize exchanges has now become a trend. Who knows which exchange might get hacked today because the security they claim they will provide is always failing.
Let's always remember this "Not your keys not your coins"
hero member
Activity: 714
Merit: 521
Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.

Exchanges are being attacked, mixers are being attacked and also there are several attacks aimed at gambling organizations to cheat on their system, which means we are to always get ready of anything that relates to this each time we are using a centralized institution because they are more subjected to hack by the scammers, but we should also ask these organizations on how effective have they been maintaining their websites security network, what attention are they giving it, how much do they spend in assuring this security measures.
sr. member
Activity: 504
Merit: 279

Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

I don’t agree that majority have actually agreed to the KYC protocol implemented by exchanges, it is mostly exchanges that have come to the conclusion that KYC adds another level of security to their users. If you read some news once any non-KYC exchanges enforces KYC you will see some of the users fuming, most especially bitcoiners. Most just stick to the exchanges because they aren’t many out there that can provide them with some features they want. Decentralized Exchanges would have been a place to habour them but most do not have enough liquidity.


I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

One effective way of preventing this security breaches is to be very cautious in handling our storage devices, do not because you looking for something easier you compromised your security like not going through to have knowledge of how to save your money or coins on cold wallets, to not wanting to take the stress of having to store your keys yourself and there for either entrusting your keys to others or storing the funds on platforms. Also carefully scrutinizing any related information concerning your accounts ranging from mails that could contain phishing links or downloading just any applications
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
If you want so, you must write many emails to many exchanges as one of their customers to request them to do that to solve your concern. This forum is not a relevant place to do it because very limited exchanges have representatives in Bitcointalk. Even they are here, they probably don't see your thread.

Users must change their attitude and practice first as it is more easily to do than asking for changes, security improvement from exchanges. They must focus on what they can control so focus on themselves and how they can change their security practice first.

Quote
I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security.
I am unsure that KYC can reduce fraudulent activities a lot.

Why KYC is extremely dangerous – and useless
legendary
Activity: 3080
Merit: 1500
Web security can never become bulletproof. It's due to the nature of the business. As Alpha Merine had correctly pointed out that the hackers will get more sophisticated along with the systems. So no platform can stay 100% secure from the hacking attacks. It will be a part of their daily operations.

Yes, we need to see how the exchanges can handle such attacks and what they do after the attack. Also it is required to have a complete insurance cover to protect the consumer funds. That's what sets the exchanges apart from the competition.
hero member
Activity: 1036
Merit: 674
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.
Are you being serious right now because, I’m not taking you up on that.
The cryptocurrency space and it’s users have never been very welcoming of the KYC idea. It’s not an entirely bad idea but, anonymity remains a vital part of the cryptospace and KYC sort of takes that away from you. It’s mainly an option that you can’t refuse on a much needed service else, majority of users that occupy the cryptospace aren’t arms open to KYC.

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.
Yeah, that’s one of its benefits but, where it becomes an issue of concern is about the safety of these KYC documents. In cases of obvious hacks, while most of the focus might be centered on the money being stolen, data are also picked up along the way too.

the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.
When it’s a hack on the exchange, it has nothing to do with you but still, you must ensure to take security seriously.
sr. member
Activity: 686
Merit: 332
As security gets more sophisticated, that's how criminals also get sophisticated. Hacking into systems will always be a thing no matter how the world gets.
We can't trust these exchanges to have top-notch security or not be careless with anything. Even if they're not careless, a single mistake can lead to a hack.

So it's best to not leave your coins in an exchange. As a trader, you can leave a certain amount you're amount to use to trade but leaving a large amount on centralized exchanges is not advisable.

The fact that your coins are a non-custodial wallet doesn't mean it's ultimately safe. You also have to be careful and take every security measure possible. Hackers don't only attack exchanges. They're also constantly looking for ways to access wallets.
So even if you don't trust centralized exchanges, you still have a role to play to keep your coins safe.
legendary
Activity: 1834
Merit: 1208
As good as the security they can improve or enhance, it's not make they 100% will never get hacked because online website are prone to get hacked.

Huobi isn't the only one exchange get hacked, centralized exchange already get hacked since 2011 [1] and every year there's always an exchange get hacked. So it means, all centralized exchange only waiting their turn to get hacked.


[1] https://bitcointalksearch.org/topic/hacked-exchanges-since-2011-5090869
member
Activity: 64
Merit: 32
I know people who are still dubious about the cryptocurrency sector because they worry about losing their money to scams or security breaches, which has been a typical occurrence in this market.
Since the majority of users appear to have welcomed the requirement for required KYC, I believe the focus should now be on enhancing exchange security.

I am aware that KYC may reduce fraudulent activity, however dealing with hacking and security exploitation issues will need investing in the strengthening of security. Adoption could happen quickly with sufficient protection because safety will be assured.

The latest Houbi attack, which resulted in the theft of roughly $8 million worth of Ethereum, and a few other security exploitations of a similar nature on other trading platforms in the past don't bode well for the sector, which calls for the prioritizing of security. https://cointelegraph.com/news/huobi-global-crypto-exchange-hacked-report

Even though there are still very few trading platforms that have never experienced security exploitation, the recent incident with Houbi should serve as a reminder for everyone to remainattentive and prioritize their security.
Jump to: