Blockchain

Security expert claims that $2.5 million is stolen from crypto exchanges every day

Blockchain security expert Hartej Sawhney has claimed that, on average, around $2.5 million worth of cryptocurrency is stolen from crypto exchanges every day, with most hacks being unreported to the public.

Mr Sawhney was speaking on the topic of blockchain security on the CNBC crypto trader show.

Mr Sawhney is a co-founder of hosho.io, a global leader in blockchain security. His company provides security services for clients including smart contract auditing and penetration testing for a range of cryptocurrency protocols.

Low-hanging fruit

He said: “Hackers have low-hanging fruit to penetrate exchanges.” Examples may include forms of smart contract hacking and order book manipulation to offset bets at competing liquidity providers.

He went on to claim that exchanges need to learn how to properly hold private keys as this is still a major security barrier. This applies to both hot and cold wallet solutions that may provide a wider net for targets.

“Exchanges need to learn to value security, but they are not getting regular penetration testing from cybersecurity companies.”

A love for dogs

Mr Sawhney described an example of a recent hack, stating: “An employee of a Bitcoin exchange was a competitive dog walker. The hacker monitored the social feeds of this employee and gained access to realise that fact.”

“They made a fake website and application for this employee to apply to compete in a local dog walking competition.”

“The victim then opened up the wrong email, opened up the wrong PDF, and ended up applying to a fake dog walking competition, and the hacker gained access to her keystrokes.”

Compromised

The hackers then gained access to her usernames and passwords for the crypto exchange, and the exchange lost millions of dollars within 48 hours.

He concluded the interview by discussing the relative scarcity of “full-stack developers who know solidity and have a QA mindset” who qualify to work and certify in this field.

If you can strike the correct business model as a custodial exchange in this space, then you will certainly see the benefits of this type of security auditing. Due diligence is clearly required in the management of private key solutions, but the question still lingers – who is going to audit your own code?

 

Nawaz Sulemanji

Nawaz has been hooked on crypto since buying his first Bitcoin’s in 2013. After studying maths in London, Nawaz initially spent the first eight years of his career working globally across corporate supply chain’s before transitioning into the decentralised finance industry as a margin-trader and consultant. He’s a fan of open-blockchains because “it enables self-sovereignty”.

Disqus Comments Loading...

Recent Posts

Here is why Bitcoin is still a lucrative investment in 2024

Those who enter the market at this time may be surprised to hear that Bitcoin…

4 weeks ago

Zircuit Launches ZRC Token: Pioneering the Next Era of Decentralized Finance

George Town, Grand Cayman, 22nd November 2024, Chainwire

4 weeks ago

The surge of Bitcoin NFTs: Everything you should know about Bitcoin ordinals

From digital art to real-estate assets, NFTs have become a significant attraction for investors who…

2 months ago

MEXC Partners with Aptos to Launch Events Featuring a 1.5 Million USDT Prize Pool

Singapore, Singapore, 21st October 2024, Chainwire

2 months ago