Author

Topic: Small Volume Spread Hack (Read 146 times)

legendary
Activity: 1526
Merit: 1179
June 04, 2019, 12:49:07 AM
#5
I think most exchanges already have a pretty strong and effective internal surveillance measures, but as said above, it's only effective up to the moment it no longer is, and that's when you lose as exchange.

I think it's more so that people should be more careful about how they log into their exchange account, and what bots and portfolio software/sites they use that ask for their API keys.

Best is to not use any of the available portfolio garbage that requires API access at all. I'm sure that most people using all this don't even know how to review the code, so they are more likely to become a victim.

As exchange you can't protect yourself against the stupidity of people at all.
legendary
Activity: 3094
Merit: 1127
June 03, 2019, 01:20:57 PM
#4
Stopping these things? It would be hard yet most exchange wont monitor every transactions that do happen internally until things are
getting too obvious and thats the only time they do react.

If we really want to avoid hacks, all we need to do is to start using DEX'es and stop focusing on convenience rather than safety, there might be some phishing attacks but the amounts stolen would be very limited and no one would get paranoid over inside jobs.
People would stick to traditional things even they do know that there are things which are far more better when it comes to security.
I dont know if they do just let theirselves to be blind or just simply dumb to remain even they do know the possible risk lies ahead.
staff
Activity: 3500
Merit: 6152
June 03, 2019, 09:47:47 AM
#3
It's possible to build it in a way where any sell order that is being made under a certain percentage of the current market price get flagged for example, but honestly, I don't think building efficient mechanisms to prevent hacks is doable though, at least, not without giving more power and control to exchanges.

If we really want to avoid hacks, all we need to do is to start using DEX'es and stop focusing on convenience rather than safety, there might be some phishing attacks but the amounts stolen would be very limited and no one would get paranoid over inside jobs.
legendary
Activity: 2170
Merit: 1427
June 03, 2019, 09:26:37 AM
#2
How do we prevent this in the future?

It's impossible to completely prevent it. Exchanges can however improve their internal monitoring algorithms to spot suspicious activity and freeze the involved accounts or halt withdrawals entirely sooner, but it only works until it doesn't. Hackers will always be able to outsmart an exchange, and we have seen that happen multiple times already.

Another thing you can try as exchange is to delist coins that have been reporting very low volumes for like 30-60 days straight. It doesn't prevent hackers from abusing low liquidity pairs, but it at least gives them less ammo to work with.

I have seen such an 'attack' happen in real time back when Mintpal was still a thing. A complete shitcoin got pumped by 5000% and hackers successfully managed to withdraw Bitcoin.
hero member
Activity: 960
Merit: 514
June 03, 2019, 02:46:13 AM
#1
I've been reading https://bitcointalk.org/index.php?topic=2594916.new#new and I know how it feels. It happened to me a year before.

The idea is that there are usually extra security in withdrawing.

For example, some API keys do not allow withdraw. We can specify not to withdraw with API and stuff. Poloniex and most exchanges even have warning before people enable API withdraw.

However, there is another way hackers can steal money.

They can trade at deliberate lost.

1. Convert all money into BTC
2. Find some low volume big spread pair
3. Repeatedly buy high sell low
4. A hacker account is the counterparty of such trades.

Some hackers do this in less than a few seconds.

There are things that the exchange can do to prevent this. If they seem something obviously asinine like this they can just block the hackers' account. Most of the time they do nothing. They can put a warning in front of everyone's before customers enable API.

I've heard several cases in Poloniex. I've heard some cases in hitbtc.

How do we prevent this in the future?

Jump to: