Security issues still are the main barrier for the crypto exchanges. It has become a real pandemia in 2018: analytics report about cyber-attacks on a regular basis, and the numbers are solid. The total amount of losses is close to $1 billion. According to the report of Group-IB company, the losses for the 2017-2018 are estimated as $882 mln. Meanwhile, Reuters publishes another statistics by Cipher Trace: they estimate the losses as about $927 mln in 2018 alone. This volume is 250% more than during the previous year. The Japanese crypto exchanges are the ones who suffered most of it in the current year: Coincheck alone is considered to lose about $532 mln. The exact numbers in US dollars are hard to tell due to the high volatility of cryptocurrencies, but this does not diminish the whole problem. The war for stability and security is in the midst, and the industry must not lose it. Ilya SACHKOV, CEO and founder of Group-IB says that “the defensive strategy has already exhausted itself. It's time to become a hunter, not a target for attacks.”
Toon by Maxim Smagin
The Japanese financial services Agency (FSA), together with the Japan’s consumer protection Agency and the National police office, has inspected 23 cryptocurrency exchanges, of which 16 are already licensed to operate, and 7 are in the process. Regulators published a report with the results of inspections of local crypto-exchanges.
The report also says that it was Japan where two of the largest cryptocurrency exchange hacks in history took place. First attack (2014) on the stock exchange Mt.Gox resulted in the loss of $450 million. The second hack occurred with the exchange Coincheck in January 2018 and worth $500 million (read more)
Hack attacks in the crypto industry have become so common that news about another exchange hacking does not surprise the crypto community that has already experienced a lot. According to the report “ Spam and phishing” in the second quarter of 2018 $ 2,3 bln was stolen. As for the global trend, scammers stole $ 1,2 bln in 2017 and $ 1,1 bln in the first half of 2018. It seems that the crypto community does not learn from its own mistakes (read more)
In some ways, a lack of regulation can be a good thing, as it lets industries exert their own autonomy and naturally grow, however it also means that simple actions can become dangerous. For example, the act of using an exchange such as Mt.Gox cost some users all their funds. Not just was this an issue regarding lack of regulation, but also lack of transparency. Nobody knew exactly what was happening as the exchanges deliberately kept people in the dark. This meant that only a handful of people were able to notice suspicious behaviour. A similar situation also happened years later with Coincheck, where a significant amount of NEM was stolen from traders (read more)
The blockchain industry is keen on self-regulating: it has been created following these principles. Knowing that, crypto exchanges should understand one clear message: if you avoid implementing transparency in your business, the community will do it. And the outcome might be not so positive if you’re not properly prepared.
“Exchanges have a really tough time being consistent with how they deliver data to their users through their APIs. The problem with this is that it doesn't engender confidence in users. Their APIs can often go down, change their data format, have fake data in production, etc. As a result, it's hard to trust the data you see on an exchange.They need to manage their data schema and formats better, provide clear documentation to their users, and give explanations why prices/volumes look the way they do. This is going to take time, but it's something they'll have to do for customers to be confident in their systems (read more)
Over the past couple of years, Japanese exchanges and cryptocurrency wallets have been literally shaken by hacker attacks. The National Police Agency (NPA) released on September 20 data for the first half of 2018: the number of registered incidents was 158, which is three times more than in the same period of 2017. That amount has even exceeded the total quality for the whole last year, when 149 cases of Internet attacks was committed. This report was timed to the recent cyber attack of Zaif, one of the largest crypto exchanges in Japan, that is actually managed by Tech Bureau Inc. The shock was also caused by the fact that this exchange was licensed under all the rules and inspected regularly. The attack was registered on September 14, but the exchange was in no hurry to report it, and found an unusual outflow of funds only after 4 days. On September 17, the movement of digital assets was suspended. And only on September 18, Zaif reported a loss of about $60 million (read more)
The cryptocurrency sphere has become the main target for hackers in recent years. For 2017 and 2018, the phishers stole about 56% of the funds from the ICO fees. 14 crypto-exchanges also suffered (the total damage is estimated at more than $882 million). Some major attacks are attributed to hackers from the North Korean group Lazarus. Moreover, the cryptocurrency exchanges can also suffer from Silence, MoneyTaker and Cobalt. The main tool will still be targeted phishing.
One more hacking weapon that has been detrimental to cryptosphere in 2017-2018 was cryptojacking (a hidden mining). This kind of mining became possible due to Coinhive, designed for hidden mining, and seven similar programs (read more)