Mechanisms inherent in the device of cryptocurrencies make them the standard of safety in comparison with banks and other payment systems. Hacking the top of the block chain is a daunting task even for the Pentagon. In the entire history of the Bitcoin network her, no one was able to crack: any hackers in search of easy money, nor the security services in an attempt to freeze suspicious assets, no Bank experts in order to weaken a growing rival. Alas, but against cryptocurrency exchanges, the situation is quite different. Each year the hackers to break their security system and the withdrawal of coins equivalent in millions of dollars. And no matter small is the stock market, or a large giant market promising unprecedented resistance to cracking. Over the past 2019 cybercriminals hacked into seven major kryptomere, leaving in their budgets a huge hole in the amount of $164 million to Who, when and how became the target of hackers and what consequences it led to, the DeCenter.
During the new year holidays, relatives and friends of users Cryptopia certainly wish them prosperity and financial stability, but these wishes have not come true. The year has started for them the loss of all digital assets that were once one of the largest cryptocurrency exchanges. The fifteenth of January, the exchange went offline, posting a message about significant losses and on gaps in the security system.
Until the end of February, the event had no immediate comment, and the work was not renewed. The guide explained that has no right to say anything during a police investigation. It is possible that in this there is a certain amount of guile. The real reason for the silence could be due to the normal fear to tell the truth.
As it turned out, Cryptopia was hacked, and the alleged damage amounted to $16 million the Number of victims — 900 000 people. It is still unclear what kind of security gap was used by cybercriminals. In August, the investigation revealed that the site did not create separate wallets
for users, but kept all the money in one place and never checked assets customer base with «total Treasury.»
The new Zealand platform tried to recover from the incident and in March was resumed trade, but the miracle did not happen. Users have lost confidence in it, so in may she began the process of liquidating and ten days later declared bankruptcy. The victims have not received compensation so far, and not the fact that he would receive it ever.
At the end of March last year, the Singapore exchange DragonEx shocked its customers the sad news of the hacker attack. Initially the team site refused to name the amount of damage, but four days later, in his Telegram channel reported losses in the amount of $7 million as a result of hacking of the security system.
The argument that in the exchange there was a critical vulnerability, not convinced management of the need to provide users a full refund. Instead, the platform stated that work on the «prior compensation plan» under which victims will receive compensation in the equivalent of the Tether and/or the local Dragon Token. Today, the exchange continues to operate with a daily turnover of about $200 million.
Less than a week after hacking DragonEx hackers have used the vulnerability of the South Korean giant Bithumb and brought to their addresses EOS 3 million ($13 million) and 20 million XRP ($6 million). The total damage amounted to about $19 million, but most notably, for Bithumb this is not the first case. The hacking occurred a year after large-scale hacking in 2018, as a result of the actions of criminals, presumably borne by the authorities of the DPRK, the South Korean stock exchange lost $31 million.
This time Bithumb suspects that the hacking was carried out by someone from the internal staff of the platform, since one of the exchange’s wallets guide recorded «crazy output». The management assured that the losses relate exclusively to herself and will not affect customers. Bithumb continues with a daily turnover of about $70 million.
In late spring the attackers encroached on the largest cryptocurrency exchange turnover with the most active community — Binance. Chanpen Zhao has repeatedly positioned its platform as a super -, but in fact words with deeds. May 7, hackers emptied hot wallet of the exchange, and brought more than 7000 BTC in one transaction. They were able to access the user’s API-key, 2FA codes and other information. Loss at that time amounted to $40.7 million.
Hackers quickly moved the coins and managed to convert a lot of stolen coins in Fiat. In response, the exchange market for the week closed I/o for enhanced security protocols and Troubleshooting, resuming full operation only on may 15. Team site assures that the losses were insignificant — the purse was kept only 2% of the total of all assets. But it is still more than $40 million that are owned by users. The management promised to compensate for 100% of all losses from your emergency Fund #SAFU.
In August the hacker onslaught on the stock exchange continued. Unknown under the pseudonym Platon Bnatov reported that broke into the account of the employee Binance and tracked the stolen in may. He also said that he owns the personal data of 60 000 verified users, therefore, began to blackmail the stock exchange, demanding a ransom of 300 BTC for silence. The management of the areas refused to cooperate and offered a reward of 25 BTC to anyone who will reveal the identity of the cybercriminal.
Not having received satisfaction of his claim, the hacker started to upload KYC data of users in social networks and Telegram channels. In the hands of cyber criminals was also the photo documents of the Russian traders. Binance said the leaked data does not correspond to reality, but in conversation with DeCenter one of the victims confirmed the authenticity of their personal information. Binance continues with a daily turnover of about $500 million.
In addition DragonEx, this year, suffered another Singaporean giant of the stock market — BiTrue. Hackers broke into the security system and managed to log into different users. They brought 9.3 million coins XRP ($4.01 million) and 2.5 million coins ADA ($232 000) on other exchanges. Thus the marketplace has lost access to $4 million custom tools.
Once it became known that a digital money went into the accounts of other exchanges, BiTrue tried to negotiate with them, asking to freeze the stolen assets. In the end, the leadership has promised to compensate all victims. BiTrue continues with a daily turnover of about $70 million.
In spring and summer, hackers were particularly active and did not miss the opportunity to look at the Asian market. In July, a victim of the burglars fell to the Japanese cryptocurrency exchange BITPoint. Information about how the attackers used the vulnerabilities has not been disclosed but it is known that as a result of hacking affected 50,000 customers, which together lost $23 million on their accounts, and another $5 million was stolen from the exchange. The total damage — $28 million
To cope with the consequences, the platform stopped work for a whole month, but to do on their own and failed. In the end, the parent company Remixpoint agreed to assume obligations to compensate victims of hacking. In August, kleptoplasty BITPoint resumed trading.
Almost all fall from hackers was quiet, until 6 November, when they cleaned out his last substantial sacrifice in 2019, the South Korean giant Upbit, once won the honorable first place in turnover on CoinMarketCap. Once the largest exchange on the planet for a few minutes lost 342 000 ETH coins — so much went to the address of the hacker. The damage amounted to $49 million, and the stolen coin has already successfully moved.
Representatives of the South Korean courts have assured that the losses will not affect users, and the damage suffered exclusively by the team of the exchange. However, trading was suspended for two weeks. Now Upbit continues with a daily turnover of about $30 million Despite the fact that, according to the manual, the situation was not supposed to touch clients at the same CoinMarketCap vengeance emblazoned inscription: «We have received reports about obstacles withdrawals and deposits on Upbit. Please be careful with your money».
2019 showed that in terms of security exchanges remain extremely inefficient. Major platform, shouting to the world about their invulnerability, chacales all year round — winter, spring, summer and autumn. Some users lose all their money. Others get compensation, but still suffer the damage:
Payment is charged immediately;
It is not always adequate to the losses;
Sites were forced to stop work for an indefinite period, therefore, in this period lost the opportunity of earning at the auction;
In certain cases, the hackers «merge» in the network and even passport data.
Moreover, on the Internet there are unconfirmed rumors that in some cases nobody hacks, and all the «hacking» is actually just an invention of cryptocurrency exchanges. Supposedly some go to this step with the aim to assign funds, while others want to show what they are cool to compensate all the losses and continue high-quality work even after a multi-million dollar «hacking».
Not the fact that in 2020 the situation will become better, so draw your own conclusions. We DeCenter we believe that they suggest themselves:
Do not store cryptocurrency exchanges use a personal wallet. Remember: exchange exists for trading.
Periodically withdraw profits, do not accumulate capital by trading platforms.
If we do not want to trade — send large assets.
Diversify trade, not using all capital on one platform.
2019 showed that the size of the exchange is not important. Any can be cracked entirely at any time. If you keep money there, remember that you can lose. Keep an eye on decentralized exchanges are the future.