The growing popularity of cryptocurrencies and cryptocurrency exchanges is accompanied by a growing interest of hackers to hack into exchanges, wallets or accounts to steal cryptocurrency. Consequently, the requirements for cryptocurrency exchanges to protect and enhance the security of cryptocurrency storage and further use are growing every year. What are the requirements for cryptocurrency exchanges?
Today, almost every operating crypto-exchange is comparable to banking systems in terms of security. But even this fact allows hackers to commit cyberattacks and steal valuable cryptocurrency funds. Phishing, fraud, chain of custody attacks or common hacks are the most common. In some cases, even computers not connected to the network can be hacked.
Exploring the security of cryptocurrency exchanges
Icorating’s recent analytical investigations into the security of cryptocurrency exchanges have selected 135 exchanges where cybersecurity experts have examined the top 4 security mechanisms:
- User Security;
- Domain & Registrar Security;
- Web Security;
- DoS Protection.
As a result of the analysis, not a single cryptocurrency exchange received the highest grade of A+. Many exchanges received high grades for 1-2 or 3 parameters, but none of them received the highest grade for all 4 indicators. Only 37% of the exchanges tested were protected against downgrade attacks, while 60% were protected against clickjacking.
Downgrade Attack refers to an attack in which a hacker forces a user to use less secure features, protocols that are still supported for compatibility reasons. Clickjacking is a deceptive technique based on placing action-evoking invisible elements on top of visible active ones (buttons, video playback, etc.).
Kraken and Cobinhood received the highest grade A among the tested sites. To ensure safety, these crypto exchanges keep the bulk of funds in the reserve fund on cold wallets. OKEx, for its part, has proposed the creation of a single SRO center for cryptocurrencies. It will be a global ecosystem that aims to develop and implement innovative security standards to increase transparency of the entire crypto market, and therefore the security of users and their wallets.
To date, all attempts by hackers to steal from blockchain networks such as Bitcoin, Ethereum, Cardano or Litecoin have failed. The networks showed a high level of protection every time. But in 2019, hackers managed to steal $300 million worth of cryptocurrencies. For example, in January 2019, Cryptopia, a cryptocurrency exchange, lost all digital assets due to security vulnerabilities.