Bitcoin literally jolted the whole currency market and definition of money itself. This was a fascinating concept thbat was brought about by Satoshi Nakamoto, a pseudonym. BTC introduced the world of cryptocurrency and coined the idea of crypto trading.
While a few thinkers responded positively to BTC and launched various altcoins and stablecoins to compete with the first large crypto coin, others raised concerned on the legitimacy and security aspect of the digital asset.
Amid the tug of war, cryptos popularity heightened, and more people started getting onboard crypto investments. However, the process itself was laborious and confundus, and this dilemma gave birth to crypto trading exchange platforms.
Now, enough with the introduction. Since the inception of crypto exchanges, which were meant to provide fast, easy, and secure platforms to sell and buy cryptocurrencies, it has been a target for cybercriminals.
Based on blockchain networks, which is touted as the most secure technology, why is it hackers always find a way to hijack and rob exchanges? Before you get to the answer, let us mention one of the biggest and best cryptocurrency trading brokers or exchanges or trading platforms that were hijacked, like big time.
Let’s start with one of the most popular exchanges:
Binance
World's biggest exchange in terms of trading volume, Binance, has witnessed one too many attacks. In the confirmed data breach, Hackers stole $40 million worth of cryptocurrency. The data breach compromised API keys, 2F Authentication, and other information.
Mt. Gox
One of the earliest crypto exchange to go bankrupt when attackers hijacked over $450 million worth BTC. The exchange had witnessed its very first attack in 2011 when it lost over 2000 Bitcoins. Failing to take necessary measures, the company continued its operation and become the largest BTC trading firm, with over 70% of total BTC in the world then. The second wave of attack came in 2014 when Mt Gox lost everything and announced shutting down of its operations.
Bitfinex
Two years later, in 2016, the crypto world saw yet another large scale attack. This time target was Bitfinex. Bitfinex and Bitgo wallet Multisig had a vulnerability which hackers exploited to siphon 120,000 BTC, worth $72 million then. Fortunately, Bitfinex had enough financial support to reimburse the victims with BFX tokens that were redeemable with USD.
These are only three of the many many attacks since 2011. According to a report by the Wall Street Journal, hackers successfully stole cryptocurrency valued around $1.7 billion over the years. And let's not even talk about crypto scams like PlusToken.
Where Lies the Problem?
Blockchain, the decentralized network technology, was behind Bitcoin powering an unhackable and fast mode of cryptocurrency. The early forefathers and adopters hailed this tech as invincible and revolutionary, but the recent attacks are stating another story.
Blockchain relies on several computer networks, maintaining a cryptographic database, to record each transaction. The computers, also called nodes, follow a protocol to verify each transaction and later record it on the database. The complexity of the network adds room for loopholes. It could be during the setup process or in the script.
Even if the protocol is made secure, there’s no guarantee the trading platform or exchange will be unhackable. Like a trading platform has to run client protocol software which contains vulnerabilities. Anyone with malicious intent could find these flaws and exploit them for further gains.
If the hacks are clearly examined, it will come to light that most of the hacks were to the exchanges and not to the blockchain nodes or network.
Researchers have now started discovering more and more flaws with the system, one of them being ‘bugs in the smart contract.’ In layman’s term, a smart contract is like a script or a program that automates crypto transactions following a protocol. The Ethereum network that facilitates this functionality has been under scrutiny following an attack on The DAO where a hacker found a bug in the smart contract and later exploited the bug to siphon $60 million of cryptocurrency.
Since the bug lies in the fundamentals of the Ethereum network, it can’t be fixed, unlike conventional software. A new smart contract can be deployed as an upgrade to connect with the existing one, but that’s about it.
Should Users Be Worried?
Well, yes and no! Once a transaction is made on the blockchain, it cannot be reversed. Meaning if an exchange is hit, and if hackers successfully drain crypto from user wallet, nothing can be done. If we look at it from one side of the coin, then users should be worried.
But before you raise your eyebrows in disdain, consider the other aspect as well. Prior to blockchain’s entry into the market, databases used to get attacked. In 2018 alone there were over 20 massive data breaches including the infamous Facebook-Cambridge-Analytica scandal. Users didn’t stop using Facebook because of one data breach, did they?
The first half of 2018 saw 4.5 billion users data compromised. Even though technology improved, hacks didn’t stop. It’s like traveling from an airplane, the risk of dying due to technical failure is there and yet its the safest mode of transportation. The industry is seeing an exponential increase in travelers, and it is remarkably positive.
Compared to other techs, blockchain is relatively new, and as the Devs and researchers are exploring the corners, they’re finding flaws. Flaws that can be fixed in coming times, ensuring safer network for transactions. A few firms - to tackle the lack of security - have integrated their systems with AI (Artificial Intelligence) to detect suspicious transactions and find errors in the smart contract or nodes.
Another point to take into thoughts is most of the exchanges that were attacked reimbursed the victims who were affected. So in case your account suffers a blow from someone else’s illicit activity, chances are you will get your hard-earned money back one way or another. No guarantee, though! Most important, the gains from crypto investments outweigh risks by a hundred folds.