- 5 June 2023
- Posted by:
- Category: News
A study by Crystal Blockchain and Cointelegraph revealed that from 2011 to 2020, the total amount of funds stolen in crypto exchange hacks exceeded $15.6 billion. Over 50 exchanges fell victim to these hacks, with several experiencing multiple breaches.
Among identified crypto attacks, cryptocurrency exchanges emerged as the most susceptible targets for cybercriminals, with 27% of the attacks directly aimed at these organizations. In most instances, the primary reasons behind these crypto hacks were attributed to the weak security measures employed by exchanges’ hot wallets. Less frequently, users fell victim to exit scams orchestrated by the platform owners themselves.
How hackers attack exchanges
Cyber-criminals are always on the lookout for weak points to exploit in order to gain unauthorized access to crypto exchanges. Let’s explore the methods employed by these malicious actors.
Cross-Site Scripting attacks
Most online trading terminals are susceptible to Cross-Site Scripting attacks (XSS), where attackers exploit vulnerabilities to inject rogue code into web pages. This code usually redirects traders to third-party websites or infects their devices with harmful software. This malicious software can include password-stealing viruses that target crypto wallets or alter the sender’s address in the clipboard.
Web terminals may not have HTTP headers that enhance protection against specific types of hacker attacks. For instance, the Content-Security-Policy response header safeguards against malicious content injection attacks, including XSS. The X-Frame-Options header defends against clickjacking attacks, while Strict-Transport-Security ensures a secure connection by enforcing the use of Hypertext Transfer Protocol Secure (HTTPS).
Exchange code vulnerabilities
According to Coverity Scan, approximately 0.3 errors are found in every 1000 lines of code. These errors have the potential to compromise the security of the platform. Even if exchange developers write code without errors, there is always a possibility of vulnerabilities in third-party software. For instance, security holes in the payment gateway, operating system, or messaging platform can be exploited to carry out phishing attacks or install malicious programs on the devices of exchange employees.
Smart contract vulnerabilities
Hackers can find vulnerabilities in a crypto wallet’s smart contract code, enabling them to gain control over the victim’s money. This can occur as either a targeted attack on a specific crypto wallet or a mass attack if multiple wallets share the same vulnerability.
As crypto experts from Traders Union note, one common vulnerability is the lack of proper input validation, which can lead to unexpected behaviors or manipulation. Additionally, re-entrancy attacks exploit the contract’s recursive call mechanism, allowing malicious actors to repeatedly withdraw funds before the contract can update balances. Another concern is the potential for integer overflow/underflow, where unexpected values can result in unintended consequences. Furthermore, insecure external requests may enable attackers to execute arbitrary code, compromising the integrity of the contract.
Malicious individuals, disguising themselves as exchange representatives, may employ spear phishing techniques to access employees’ computers. This process often takes months of persistent effort with the ultimate goal of obtaining private crypto keys. Hacking a personal user account becomes much simpler with the aid of fake mobile apps.
If attackers know that a particular individual is involved in crypto trading on an exchange or serves as an administrator for a cryptocurrency exchange, they can intercept their SMS messages and exploit them during the authentication or access recovery process. Here are some potential hacking methods:
- Wiretapping: Attackers can use specialized equipment, infect the victim’s phone with malicious software, or hack into the service provider’s server to intercept SMS messages.
- SIM card cloning: Attackers can clone the victim’s SIM card to gain unauthorized access to their SMS messages.
- False base station: Expensive equipment can be used to intercept and decrypt SMS messages by setting up a false base station.
- Hacking the carrier’s web platform: Attackers can compromise the user account on the carrier’s web platform to redirect all messages to the attacker’s phone number or email address.
- SS7 attack: By exploiting vulnerabilities in telecommunications protocols (PSTN, PLMN), attackers can also gain unauthorized access to SMS messages.
- Phishing call center operators: Attackers may use OSINT to collect users’ personal data and phone numbers and then contact the call center operator to fraudulently restore the victim’s SIM card.
Security measures implemented by crypto exchanges
Most cryptocurrency platforms employ one or more anti-hacker measures, with multi-factor authentication being the simplest and most commonly used approach. With this method, users must input a one-time password, typically sent to their email or phone, to approve each crypto transaction. A more advanced approach to multi-factor authentication involves the use of specialized applications like Google Authenticator.
Another widely used security method is multi-signature, where a crypto wallet requires multiple keys held by different owners to access the funds. With this system, all electronic signatures must be collected to gain access. However, it is important to note that this method can also have shortcomings. It is important to emphasize that a multi-signature setup is effective only if all the signers are independent of each other.
One of the most secure methods to safeguard against hacker attacks is distributing funds between hot and cold crypto wallets. Cold crypto wallets, in addition to physical security measures such as armed guards, video cameras, and retinal scanners, can also incorporate a multi-signature system. The greater the portion of funds stored in cold storage, the higher the level of security. Ideally, crypto keys should only be brought online during the actual transaction process.
Another protection method involves using Bitcoin Timelocks, which are features within the Bitcoin protocol designed to secure coins using a two-stage security mechanism with two distinct keys. To access the funds, a regular key is required, but complete control over the crypto is only granted after a specific (usually 24-hour) waiting period. Any transaction can be cancelled within this timeframe by utilizing the second key. Additionally, there is an added layer of protection: if a hacker manages to obtain both keys, the exchange has the ability to delete the funds stored in the wallet.
Crypto exchange operators have adopted a commendable practice of regularly conducting audits carried out by independent experts, along with testing for software vulnerabilities. These tests involve the participation of white hat hackers, whose objective is to penetrate security systems and identify potential weaknesses that malicious attackers could exploit.
Taking an integrated approach is crucial when addressing the security of cryptocurrency exchanges. This entails ensuring the security of the exchange’s own code, as well as safeguarding the third-party libraries and the development environment utilized during the platform’s creation. It is also important to take into consideration the human factor, as it often plays a significant role in facilitating hacker attacks.
Considering the significant user interest in digital currencies, crypto exchange hacks will likely remain a lucrative endeavor for hackers for the foreseeable future. Even knowing all of the primary hacking methods, crypto exchange owners cannot predict whether their platform will be targeted or how it will happen, as each exploitation of vulnerabilities is unique. Furthermore, cyber-criminals continually evolve their tactics and allocate more resources to attack crypto exchanges. As a result, it is impossible to provide a 100% guarantee that the crypto exchange you use will remain unhacked.
It is important to note that the compromise of user accounts on exchanges often occurs not due to the exchange’s fault but rather due to users’ negligent approach to securing their own funds. To safeguard your money from criminals, I advise you to adhere to a few recommendations:
- Avoid keeping cryptocurrencies on online exchanges for extended periods.
- Utilize the maximum available security layers the crypto exchange provides, such as multi-factor authentication and multi-signature.
- Refrain from storing wallet access information on an Internet-connected computer. Instead, copy it to external media and keep it in a secure place.
- Whenever feasible, opt for offline storage methods, such as cold wallets.
- Double-check the website addresses you visit, particularly cryptocurrency exchanges and similar services, to prevent falling victim to phishing attacks.
Crime within the realm of cryptocurrencies is relatively less prevalent compared to traditional financial institutions. For the average person, exercising a bit of caution, thoroughly researching user reviews, and adhering to exchange regulations is usually sufficient to navigate safely.
Cubit Technology – Impactful IT Support and Management for London’s Creative Sector
Nestled in the vibrant heart of London’s bustling Central district, Cubit Technology IT proudly extends its comprehensive support, management, and consultancy services to empower creative sector businesses within the realms of marketing, design, and more. Our mission is to catalyze the growth of these innovative enterprises through the transformative potential of technology.
From cutting-edge IT management that eradicates downtime to personalized consultancy services, delivered with a warm London welcome, we stand as steadfast allies in helping creative businesses harness the boundless power of technology to propel their success. Our approach is adaptable and multidisciplinary, ensuring that creative souls not only survive but thrive in the dynamic landscape of on-premise, hybrid, cloud, PC, and Mac environments in the vibrant city of London.
Reach out to us today, and let us show you how we can empower your London-based business to flourish with technology as its driving force.