The researchers named 3 scenarios ...

Researchers named 3 scenarios for hacking digital asset exchanges
CONTENT

  • According to researchers, there are three approaches to hacking digital asset exchanges

  • Fraudsters can use the trust of users to the exchange in their work

  • Not all popular crypto platforms provide the required level of security

The researchers named 3 scenarios ...

International consortium of news organizations developing transparency standards.

There are three scenarios for hacking digital asset exchanges. This point of view was presented by the researchers during a speech at the Black Hat computer security conference..

Three approaches to hacking exchanges

According to experts, many crypto trading platforms, despite attempts to strengthen their security, are still vulnerable to hacking. Omer Shlomovits, co-founder of security solutions provider KZen, and cryptographer Jean-Philippe Aumasson, believe that cyber attacks on digital asset exchanges can be categorized into three categories:

    The researchers named 3 scenarios ...
  1. Internal.
  2. Based on the relationship between users and the project.
  3. Extraction of private keys.

Internal attacks involve the work of an insider. The method involves looking for loopholes. Among other things, fraudsters check the possibility of organizing access based on the platform code database. Attackers can involve trusted persons in their work, with the help of which they can get the tools necessary for hacking.

The researchers named 3 scenarios ...

An example of an internal attack is hacking through the vulnerability of project libraries. To do this, scammers use an update mechanism. With it, hackers can change parts of the key for denial of service. So the account owner can lose access to their funds on the exchange..

An attack in which scammers exploit the exchange-user relationship implies manipulation. For example, hackers can send a platform client a request to confirm data on behalf of the exchange. The information obtained opens access to the victims’ accounts for attackers.

The third hacking option can be implemented at the moment the trusted parties receive their parts of the access key. Each batch is randomly generated numbers that must go through a public review. According to researchers, not all trading platforms pay attention to this process. As a result, fraudsters can replace parts of the keys with other values ​​in order to ultimately gain access to the victim’s funds..

The experts cited Binance as an example of an exchange that did not check the values ​​for a long period of time. The developers of the project, according to the researchers, had to correct the flaw in March this year. Learn more about the security system of the trading platform from our material.

Read Also: Binance Launches Two More Crypto Lending Products

Recall that in the fall of 2019, messages from project representatives appeared on the network, according to which the Binance team began to demand money from them for “protection from hackers”.

Disclaimer

All information contained on our website is published in good faith and objectivity, and for informational purposes only. The reader is solely responsible for any actions he takes based on the information received on our website..

Share Article

Similar articles