Crypto investors have come to rely on crypto exchanges because they provide liquidity, a wide range of trading pairs and convenience. Given the great benefits offered by crypto exchanges, direct peer-to-peer transactions are still less popular, especially among traders.

Over the years, crypto exchanges not only converted cryptos but also became custodians and even lenders by offering funds for margin trading. Trading on such platforms became convenient, but what about their security? Many traders entrust their funds to crypto exchanges, which use both hot and cold wallets. However, the threat of hacking attacks has always been relevant even with the most reputable platforms.

Crypto hacking attacks don’t go away

Ironically, the prefix of the term “cryptocurrency” was meant to show how secure the transactions and crypto operations are supposed to be. The origin of “crypto” is from the Greek word “kruptos,” which means hidden or secret. In fact, a “cryptocurrency” is nothing else than a digital currency built on a cryptographic system. So, how is it that we constantly hear about crypto exchanges being successfully hacked?

Well, most cryptocurrencies are secure indeed, given that they rely on distributed ledger technology — an umbrella term that comprises blockchain. However, holding private keys is more challenging, as digital wallets — whether hot or cold — go beyond a blockchain’s horizon.

Large crypto exchanges are attacked by hackers on a constant basis because of obvious reasons. Exchanges like Binance, Bithumb and Coincheck have been successfully hacked in the last two years alone.

At the end of November 2019, South Korean exchange Upbit reported that it had lost 342,000 Ether in a hack, which worth $49 million at the time. The company was forced to suspend all functions for about two weeks. The “irregular withdrawal” happened when Upbit was moving all crypto funds from hot to cold wallets for security reasons.

Year-to-date, the total volume of crypto-related fraud and theft resulted in losses worth $4.4 billion, according to CipherTrace’s report for the third quarter of 2019.

The most common types of attacks on crypto exchanges include using social engineering, DDoS attacks and injecting malicious code through malware. Besides these hacking methods, some attacks may be the result of an inside job.

The most popular social engineering scheme is phishing. Crypto holders are tricked into believing that they are dealing with a genuine crypto service, while in fact they are handing their personal data and private keys over to hackers. This is why it’s important to make sure you’re doing business with a real crypto exchange rather than its clones.

DDoS attacks are malicious attempts to attack a crypto exchange’s server or network by directing an overwhelming flood of internet traffic to it.

Can an exchange impenetrable for hackers be built?

The security of large crypto exchanges has evolved to the point that there are very few points of failures — but they still exist. At this point, no crypto exchange that stores client funds can claim that it’s unhackable.

Still, there are exchanges that can brag about their success in beating hacking attacks since their foundation. The best example of this is HitBTC, which was established in 2013. Notably, it is one of the oldest crypto exchanges out there, which makes its history even more relevant. The platform applies advanced encryption technology, relies on cold storage, and encourages users to enable the two-factor authentication and whitelist withdrawals. These measures help HitBTC ensure a high degree of security.

HitBTC has managed to attract many crypto traders, becoming one of the largest spot trading exchanges — with over 800 trading pairs and over 500 digital assets.

In an article about social engineering scams, HitBTC explained:

“There are hundreds if not thousands of scammers out there trying to impersonate our employees and steal funds from our traders.”

Thus, all crypto exchanges are exposed to potential hacking attacks — there is no way to avoid them. However, some crypto exchange services claim that they have no single point of failure, as they don’t hold clients’ crypto funds. These are so-called decentralized crypto exchanges. If they reside on a secure blockchain network, then they’re most likely to never be hacked.

All in all, the security of most crypto exchange is far from being infallible, as the cryptocurrency market is still struggling with regular threats from hackers. However, this is also true of any other market, as many governments, banks and corporations are targeted by hackers as well.

Learn more about HitBTC