Earn up to 12% APY on Bitcoin, Ethereum, USD, EUR, GBP, Stablecoins & more.

Start Earning Interest

Cybersecurity Research: Crypto Exchanges are Easy to Breach With Minimum Effort

In 2018, within a span of two months, the largest crypto exchanges in Japan and South Korea were hacked. A New York-based cyber security firm declared more breaches are yet to come.

According to BLAKFX president Robert Statica, crypto exchanges are easier to hack than most online platforms, especially for experienced hackers. Statica explained that crypto exchanges are “easy to breach with minimum effort and expense, with maximum return on investment.”

Hacking into crypto exchanges is identical to breaching into banks to steal fiat currencies, given that cryptocurrencies like bitcoin and ether are valued at hundreds of billions of dollars in market valuation.

In May 2018, Coincheck, formerly Japan’s biggest crypto exchange, lost over $550 million in a security breach– the largest hacking attack in the history of the cryptocurrency industry.

Problem With Crypto Exchanges

The issue with crypto trading platforms, both minor and major exchanges, is that operators acknowledge there are severe issues with security standards implemented internationally by the cryptocurrency sector. Despite this, however, they are not willing to allocate sufficient capital and resources to improve the security measures of the platforms.

Lee, a user who lost her funds in the recent $40 million Coinrail hacking attack, said that she has lost faith in crypto exchanges, because “every exchange is in danger of hacks,” and operators of crypto trading platforms are not doing enough to prevent the attacks from affecting user funds

Post Coincheck and Bithumb security breaches, analysts found one similarity in the two hacking attacks; both companies said they lack experienced programmers working on the security aspect of their exchanges but have not appointed experts in the field to overhaul their compromised systems.

Coincheck Suffers Largest Crypto Hack in History, Thanks to Centralized Exchange
Related Story: Coincheck Suffers Largest Crypto Hack in History, Thanks to Centralized Exchange

In April 2018, prior to its $550 million hack, Coincheck admitted facing a shortage of engineers, even though the Financial Services Agency (FSA), the main financial authority of Japan, made it abundantly clear that without sufficiently secure systems and experienced security experts, crypto exchanges may have their licenses to operate as regulated financial institutions revoked.

At the time, Mike Kayamori, the CEO of Quoine, another Japanese cryptocurrency exchange, said:

“The FSA is breathing down necks on security, compliance and risk. And if you don’t hire, you won’t be able to survive,”

Unable to Defend

Kim Grauer, a senior economist at Chainalysis, said that crypto exchanges have become the target of every hacker and hacking group on a global scale, but exchanges have not been able to cope with the pressure and integrate strong security measures to combat intense attacks.

Consequently, in South Korea, the government started to demand crypto exchanges to obtain insurance from major insurance providers in the country to establish a secondary plan to deal with hacking attacks in the future.

UPbit, currently the largest cryptocurrency exchange in South Korea by daily trading volume, acquired the services of Samsung Fire & Marine Insurance, the biggest insurance company in South Korea, to cover losses in a potential hack. The exchange also integrated the services of BitGo, a leading multi-signature technology, and blockchain security development firm, to prevent suspicious transactions from being initiated.

UPbit is the fourth largest crypto exchange in the world, Bithumb removed from CoinMarketCap after halting deposits and withdrawals. (Source: CoinMarketCap)

To date, several major crypto exchanges such as UPbit, Binance, OKEx, Huobi, Coinbase, and Coinbase Pro remain unhacked, despite becoming the main targets of hackers worldwide, demonstrating that some exchanges are putting in the effort to secure user funds, while the vast majority are seemingly solely focused on profits through high-fee listings and aggressive expansions.

Like what you see? Subscribe for daily updates.