The Infamous Money Heist On Cryptocurrency Exchanges

June 23, 2020      Jyoti Singh

As people are making cryptocurrency a part of their daily lives, their concern regarding its security is also increasing. Along with active users, we can find the hackers are also increasing in the market. Every single day, we hear a news crypto-theft, account hacking and exchange hacks, however it is important to understand that bitcoin and any other decentralized currencies are quite secure due to the use of blockchain and cryptography. Hackers usually target the platform where it is stored to steal the digital currency.

Let us first understand why cryptocurrencies are considered more secure than fiat currencies,

  1. Encryption: Bitcoin is encrypted and backed with a special system called a blockchain. Bitcoin is hardcoded with cryptography encryption, which makes it unique and almost impossible to counterfeit. Each crypto transaction is encrypted with SHA-256 encryption type which would take years for present-day computers to decipher.
  2. Crypto transactions are public which makes it safer: Although the people who make transactions are anonymous, still their transaction is visible to everyone on a public ledger and each transaction can be easily traced using their respective public ledger. That means, if anyone tries to steal the digital currency then it will be recorded on the system.  
  3. Easily traceable: The crypto transaction is traceable because their servers are spread all over the world. If the hacker enters into one of the servers of the cryptocurrency, it would be not beneficial for him because from there he can not steal anything.

While cryptocurrencies in itself are not easy to counterfeit, but hackers often target vulnerable exchanges, wallets and platforms to siphon these cryptocurrencies.

Let’s understand it with an example!!.

In the month of April, a hacker attacked the Lendf.me platform and stole over $25 million worth of cryptocurrencies. During the investigation, it was found that the hackers had chained the bugs and the authenticated features from different blockchains so that it can organize reentrancy attack on the platform.

According to Hauri Inc. director, Simon Choi, the exchanges that allow the trading of cryptocurrency on its platform are not safe or secured because the technology used by them is not like the blockchain technology. Choi always believed that if the security of the exchange is not safe then the hackers can easily steal digital coins from there.

Choi has mentioned,

If the exchanges are to play their intermediary role, they should be as safe as banks and strengthen their security.”

Neither the crypto exchanges nor the crypto wallets take their security seriously. Traders expect that the exchanges where they trade their digital asset are highly secured, but it is not so. Some of the exchanges just claim that they are secured and some are there who fail at the most basic measures.

First Major Crypto Crypto Hack Of All Time

Largest Cryptocurrency Hacks

You must have heard of Mt. Gox hacking which happened in the year 2014, where the hacker stole around 740,000 Bitcoin from the exchange.

The Japan-based exchange was established in the year 2010 and by the next year, it became the world’s largest bitcoin exchange. But very soon, a hacker learned the credentials of the exchange auditor and transferred 2,609 Bitcoin in the year 2011, to a new address. The exchange was unable to find the key to the new address, therefore, decided to shut the operations for a few days.

Even after the attack Mt. Gox was able to survive in the market and by the year 2014, 70 percent of the Bitcoin transaction was being processed on this exchange. But, the bitcoin exchange with the biggest money heist possible, where hackers managed to steal a whopping 740,000 bitcoins worth billions in today’s value.

During the investigation, it has been found that the hacker who stole from the exchange in the year 2011, was continuously doing so and the company did not realize it. Eventually, the company recovered 200,000 Bitcoin but it was not able to gain the trust of its customer.

Regarding this hacking recently a report has been published by ICOrating.com which states that whenever a Bitcoin is stolen from the exchanges, they usually don’t take measures to make sure that it does not happen again. Despite taking any strong action, the exchanges surrender their funds. The report further states that the exchanges lack security practices and that is the reason hackers easily steal digital assets from their platform.

Other Exchanges Become Victim Of Hacking

Mt.Gox hack was the first significant money heist on a cryptocurrency exchange,  and when the news about the hack came into the public domain, it sank the value of bitcoin by 35%. However, as ICOratings report suggested, despite losing such a significant amount, other exchanges did not learn their lessons from it and the hacks continued to take place. Let us look at some of the other infamous hacks in the decentralized space.

Coincheck, a Japan-based exchange, was hacked in the year 2018, where it lost around $500 million worth NEM tokens to the hackers. The exchange lacked security and because of that, the hackers were able to have access to its fund and transfer it to another address. However, if this would have happened in the year 2011, the company might have to shut its doors. The exchange has repaid its customer and is presently working. Also, the exchange has improved its security after it experienced a huge loss of NEM.

Before Coincheck, two other exchanges named Bitfloor and Bitfinex became the victim of hacking.

Although Bitfloor did not loose much during hacking, still it was very significant. The exchange has saved it’s private keys online and the hacker managed to get its hand on it. During this overnight heist, the hacker was able to steal 24,000 BTC.  The exchange issued the refund but ended up closing the company.

In the year 2016, Bitfinex experienced a bit different kind of hacking. It has been alleged the two brothers cloned the major crypto exchanges and wallets, and then send those clones to the phishing sites. By doing so, the brothers have stolen $77 million worth BTC from the Bitfinex.

ICOrating.com analyzed around 100 exchanges whose daily volume surpasses $1 million and it found that those exchanges are careless in one or more areas of securities. The report by the ICO listing and analysis site notified:

  1. Around 41 percent of exchanges which accepts the password with less than 8 symbols. 
  2. There is 37 percent of exchanges which accepts password with digits or letters.
  3. 5 percent exchange while creating account does not verify it.
  4. 3 percent of exchanges lack 2FA.
  5. Only 4 percent of the exchanges have the best practice for domain security.

ICOrating.com Analyses Exchanges

While scrutinizing the exchange’s security the site found that none of the exchange near 90 percent, the highest score was secured by Coinbase and then followed by Kraken, Bitmex, Gopax and so on. ICO listed OKCoin the lowest as it scored 15/100 during the testing.

Conclusion

It has been found that 54 percent of the crypto exchanges have poor security and this increases the risk of hacking for them. It is high time the exchange should start taking proper security measures otherwise they would also have to suffer like Mt. Gox in future.

Articles You May Read.

Jyoti Singh
Jyoti Singh

Jyoti is a graduate from GGSIPU and has done her PG Diploma in English Journalism from IIMC. Presently, she is working as a content writer with Agio Support Solution Pvt. Ltd. Her aim is to provide informative content about cryptocurrency and blockchain, to the tech-enthusiasts.