Challenges that modern cryptocurrency exchanges face

Cryptocurrency exchanges are currently one of the main targets for cybercriminals aiming to steal cryptocurrencies using illegal means.

The cryptocurrency exchange security issue is the biggest problem of all as all the crypto enthusiasts know the stories of stolen cryptocurrencies, tokens and coins from many exchanges in the past.

According to Blockchain experts from CipherTrace Security in the first half of 2018, 731 million dollars were stolen during hacker attacks. Most of these hacks are mostly attacks on stock exchanges, however, there are many hackers whose goal is to personally invest in cryptocurrencies.

Tom Robinson, co-founder of Elliptic, a London-based company that tracks and tries to prevent criminal activity in cryptocurrencies stated:

“Currently, attacks on stock exchanges are becoming more risky for hackers, so they are moving to ordinary people — things like phishing attacks and attempts to cheat people are on the agenda in the crypto world “

According to Elliptic statistics, there has been a fivefold increase in the number of phishing attacks since the beginning of 2018.

“There are more and more people who are starting to buy and use Bitcoin, but their technical advancement is not sufficient enough to be fully aware of the risks and security. Thus, they are much more susceptible to phishing attacks “ — adds Tom.

Below are the 3 most common ways that hackers use to steal your cryptocurrencies on the stock exchanges and how to avoid them.

Phishing emails

If you post a lot about cryptocurrencies on Twitter or other social platforms, you’ve probably received dozens, if not hundreds of phishing emails, which are notifications from the cryptocurrency exchanges where you can find login links.

It’s nothing but a classic phishing scam to collect login details. Although they are usually very easy to detect, some hackers have become more clever and developed phishing emails that look very much like real notifications that are sent from the official addresses of real stock exchanges.

It is very important to be vigilant every time you receive an e-mail from any cryptocurrency exchange and it is best to log in using the browser to make sure you hit the right page. Never log in using a link in an email if you want your login details to be more secure. Once you open it and nothing will happen because it was an e-mail from the correct address, but what if you open the habit with bad news? A non-reversible error can cost a lot.

False exchange addresses

Although phishing emails are probably the most common attempt to steal user credentials, fake listing sites are becoming another popular hacker tool for accessing cryptocurrency investors’ funds.

When you enter the exchange name on Google, you’ll regularly see the exchanges listed at the top of the search results as an ad. It is not always clear, however, that some of these ads were brought by hackers and lead to a website that looks almost identical to the original website of the exchange. Such a well-fake website is for one purpose only: it is only intended to steal login data to transfer your cryptocurrencies to the real stock exchange as soon as possible.

Sites with fake addresses were already created like Bittrex, Poloniex, Binance and many other exchanges.

Google began to fight these types of ads, but new fake listing sites are still being discovered regularly. Fortunately, users get information quickly into the network as soon as the first victims of theft appear.

Hacking email addresses

Perhaps the most dangerous method of theft is hacking into your inbox by hackers in order to access the exchanges and reset your passwords.

While they can hack an e-mail account, hackers can also delete them, provided they have the phone number of the theft victim. If you have 2-FA security (two-level authentication) for your email account — which is typical for Gmail accounts, then the hacker can take advantage of the vulnerability in signaling system 7 (SS7) in telecommunications networks to even access the victim’s mobile phone through functions of text messages. So is 2-FA as safe as it would seem?

In particular, watch out for your accounts. Under no circumstances, do not write your passwords on browsers and before you open the meila that comes from the stock exchange you use, remember this article.

Blochchain.io: challenge accepted!

How then are exchanges protecting themselves from the possible hackers attack? I will explain this on the Blockchain.io exchange example as this company has implemented plenty of modern mechanisms that make the cryptocurrency theft from the exchange virtually impossible (or at least very, very hard to perform).

The main difference between Blockchain.io and other cryptocurrency exchanges is their strong cooperation with Payimum, the first and oldest cryptocurrency exchange in Europe that had been hack-free since 2013. Blockchain.io will implement the Paymium’s technology like encrypted cold storage, hard storage and cryptographic proof of reserves together with fair-exchange protocols enabling cryptocurrency atomic swaps to eliminate the counter-party risk. Moreover, Blockchain.io will be fully transparent due to exhaustive accounting records regularly audited by independent professionals, and fully compliant with all applicable regulations and international laws, including AMF, SEC and ACPR registration to name a few. Using Paymium advanced technology, team, security protocols and infrastructure, Blockchain.io will remain fully operative and fully resilient to hacks under high volume, heavy traffic conditions or attacks.

It might be a far-fetched conclusion, but with the current approach to cryptocurrencies, the blockchain, and other new technologies, the Blockchain.io and Paymium merge might be a new frontier of cryptocurrency exchange operations especially when the idea of the Internet of Value will find applause among the crypto enthusiasts all over the world.