According to statistics from Chengdu LianAn, exchange security issues have occurred from time to time recently:
1. The hot wallet of Bitpoint Japan exchange was stolen, and multiple virtual currencies were lost, worth more than 3.5 billion yen.
2. Due to problems with the cache system of Amazon's Amazon Web Services (AWS), many exchanges experienced abnormal transactions, deposits and withdrawals, and more than 40 BTC were even traded for US$0.3.
3. The KYC information of the Binance exchange was leaked. According to coindesk, after the negotiation with Binance broke down, the hacker mass-sent the KYC information of Binance users in the Telegram group.
3. Recently, Monero locked transfer attacks have appeared on major exchanges. Hackers initiated locked transactions, causing the exchange to be locked and unable to circulate Monero during the locked time, limiting its liquidity.
4. Recently, 400 million PTT was stolen from an exchange, and some of the stolen funds have been frozen. The exchange wants to recover its losses by requiring the project team to upgrade the contract to map the 280 million locked tokens into new currencies.
source of problem
By summarizing various recent exchange security incidents and user coin loss incidents, we believe that there are three main sources of problems in exchange security incidents:
1. Users’ lack of security awareness leads to mistakenly entering phishing websites and theft of private information.
2. The security system of the exchange is not perfect enough and the platform itself has security loopholes.
3. After the exchange connected external data services or other services, it did not establish an emergency mechanism for uncontrollable factors.
As the digital currency market recovers, many investors have begun to enter the market, and many new exchanges have also appeared in the public eye. However, accompanying exchange security incidents have also occurred frequently.
Safety precautions suggestions
Chengdu Lianan hereby reminds:
1. When users choose an investment platform or investment target, they should not make too single a choice. The digital currency market is high-risk. Do not put all your eggs in one basket to avoid risks.
2. Investors should increase security awareness, ensure the storage and use of private keys are safe, avoid using secret keys in unsafe environments, and beware of phishing scams, etc.
3. Exchanges must pay enough attention to the system security system. They must not only have a reasonable security architecture, but also conduct overall security testing of the system. They must conduct self-examination in a timely manner for security vulnerabilities that have been reported by security companies to avoid the same consequences. attack.
4. The exchange must establish a complete risk control emergency plan. No matter how mature the technology of the exchange is, hackers may find loopholes that can be exploited. Therefore, in the exchange system, emergencies may cause abnormal transactions and theft of funds. At this time, it is particularly important to have a complete emergency response mechanism and compensation mechanism, such as using risk funds to deal with security incidents, or insuring user funds to hedge against the impact of data leaks or currency theft on user funds.
5. When it is difficult for exchange project parties to implement a comprehensive security system architecture for their own exchange systems, they need to consider using third-party security products or cooperating with security companies to jointly create a safe trading environment and risk control emergency response mechanism for the exchange.
Corporate Media Matrix
Official website
https://www.lianantech.com
GitHub URL
https://github.com/Lianantech/VCA
Facebook URL
https://www.facebook.com/BeosinChengdu/
twitter URL
https://twitter.com/Beosin_com
Telegram Chinese group
https://t.me/LiananTech_cn
Telegram English group
https://t.me/LiananTech_en
https://weibo.com/u/6566884467
CSDN blog
https://blog.csdn.net/CDLianan
Official phone number: 028-83262585
Official email: [email protected]
Official address: No. 599, Century City South Road, Chengdu
Room 504, Building D7, Tianfu Software Park