Here’s Why Cryptocurrency Exchanges Keep Getting Hacked

Seoul-based Bithumb said it lost over $30 million worth of bitcoin and other cryptocurrencies in a cyberattack. It has since recovered some, lowering its loss estimate to $17 million.

Attackers know that the weakest links in any computer security system are human beings. Social engineering attacks can provide attackers with the information they need to access a cryptocurrency exchange.

There have been 56 cyberattacks so far since 2011, directed at cryptocurrency exchanges, initial coin offerings and other digital-currency platforms around the world, according to an analysis by Autonomous Research, a London-based financial-services research firm, bringing the total of hacking-related losses to $1.63 billion.

Some of the biggest hacks occurred at Japanese exchanges Mt. Gox in 2014 and Coincheck this past January. The most recent hack took place on July 9, when hackers swiped $23.5 million worth of cryptocurrencies from an Israeli platform called Bancor.

A lot of cryptocurrency exchanges run what is called a “hot” wallet that is connected to the Internet, where they store the virtual currency they know they will use to quickly fulfill their customers’ trades. Meanwhile, they might keep some — or even the bulk — of their customers’ funds in a “cold” wallet. This cold storage is disconnected from the Internet and inaccessible to customers, partly to ensure it is off limits to remote hackers.

While many exchanges have adopted techniques to protect their hot wallets, such as obtaining insurance on the funds inside or requiring multiple secret keys for access, it is impossible to eliminate the risk of a hack completely. Just as online criminals are constantly developing new forms of malware that exploit bugs in software its developers have not caught, hot wallets are vulnerable to the same kinds of risk.

Lee Gui-im, a retiree in Seoul, hasn’t been able to access her cryptocurrency assets for a month after Coinrail, the other South Korean exchange breached last month, temporarily shut down all services. That hasn’t discouraged the 61-year-old from continuing to attend meetups to identify her next cryptocurrency investment.

“Every exchange is in danger of hacks. This isn’t just Coinrail’s problem. I haven’t lost faith in [crypto] coins—just exchanges.”

Chainalysis, a New York-based blockchain-analytics firm, said South Korea has been a ripe area for hackers because of the market’s rapid growth in a short amount of time. The South Korean won is one of the most commonly used fiat currencies for trading cryptocurrencies. Kim Grauer, senior economist at Chainalysis said,

“There simply are many targets there. Some exchanges have not been able to maintain the proper level of defense as they have grown.”

The explosion of cryptocurrency and the billions of dollars pouring into it make it a very attractive target for cybercriminals. Blockchain technology has many benefits—one of which is security.

However, there is always a weak link somewhere. These examples illustrate that even though cryptocurrency itself might be secure, the cryptocurrency exchanges that process transactions and store digital currency can be vulnerable to potential hacks and to theft.

Leave a Reply

Your email address will not be published.