Researchers named 3 scenarios for hacking digital asset exchanges
According to researchers, there are three approaches to hacking digital asset exchanges
Fraudsters can use the trust of users to the exchange in their work
Not all popular crypto platforms provide the required level of security
International consortium of news organizations developing transparency standards.
There are three scenarios for hacking digital asset exchanges. This point of view was presented by the researchers during a speech at the Black Hat computer security conference..
Three approaches to hacking exchanges
According to experts, many crypto trading platforms, despite attempts to strengthen their security, are still vulnerable to hacking. Omer Shlomovits, co-founder of security solutions provider KZen, and cryptographer Jean-Philippe Aumasson, believe that cyber attacks on digital asset exchanges can be categorized into three categories:
- Based on the relationship between users and the project.
- Extraction of private keys.
Internal attacks involve the work of an insider. The method involves looking for loopholes. Among other things, fraudsters check the possibility of organizing access based on the platform code database. Attackers can involve trusted persons in their work, with the help of which they can get the tools necessary for hacking.
An example of an internal attack is hacking through the vulnerability of project libraries. To do this, scammers use an update mechanism. With it, hackers can change parts of the key for denial of service. So the account owner can lose access to their funds on the exchange..
An attack in which scammers exploit the exchange-user relationship implies manipulation. For example, hackers can send a platform client a request to confirm data on behalf of the exchange. The information obtained opens access to the victims’ accounts for attackers.
The third hacking option can be implemented at the moment the trusted parties receive their parts of the access key. Each batch is randomly generated numbers that must go through a public review. According to researchers, not all trading platforms pay attention to this process. As a result, fraudsters can replace parts of the keys with other values in order to ultimately gain access to the victim’s funds..
The experts cited Binance as an example of an exchange that did not check the values for a long period of time. The developers of the project, according to the researchers, had to correct the flaw in March this year. Learn more about the security system of the trading platform from our material.
Read Also: Binance Launches Two More Crypto Lending Products
Recall that in the fall of 2019, messages from project representatives appeared on the network, according to which the Binance team began to demand money from them for “protection from hackers”.
All information contained on our website is published in good faith and objectivity, and for informational purposes only. The reader is solely responsible for any actions he takes based on the information received on our website..
EXMO announced the date of resumption of withdrawal of funds CONTENTS EXMO lost 6% of all its assets due to hacking of hot wallets Exchange representatives…
The head of the ECB called the timing of the launch of the digital euro CONTENTS The President of the ECB expects the emergence of the digital euro within four years Governor of the Bank of England…
Twitter Hack Shows Bitcoin Negatively CONTENTS Twitter Hack Will Negatively Affect Cryptocurrency Image…
The largest insurer of the Russian Federation named the advantages of the digital ruble CONTENTS One of the backbone Russian insurance companies expects the benefits of digital…
The head of the Central Bank of the Russian Federation called the timing of the pilot testing of the digital ruble CONTENTS The Bank of Russia plans to start pilot testing of the digital ruble already in…