Amidst strong rallies and price surges, hackers often tend to target centralized exchanges and trading platforms to search for vulnerabilities within the platforms. Hackers target wallet archives and files such as Copy.dat, wallet.dat, wallet.dat.1, wallet.dat.zip, wallet.tar, wallet.tar.gz, wallet.zip, wallet_backup.dat, wallet_backup.dat.1, wallet_backup.dat.zip, wallet_backup.zip, to potentially steal private keys and user funds.
The market valuation of bitcoin and Ethereum have reached new all-time highs, and investors including billionaire hedge fund legend Mike Novogratz believe the two cryptocurrencies could at least triple in value by the end of 2018.
Given that the average bitcoin price exceeded $11,000 this week, security researcher and expert Didier Stevens noted that hackers are more likely to target bitcoin platforms at this phase in which the market is highly confident and optimistic in the short to mid-term growth trend of bitcoin.
“I’ve seen a couple of such requests a couple of years ago, but it’s the first time I see that many. The first time I observed this was late 2013, in the middle of the first big BTC (bitcoin) price rally,” said Stevens.
For cryptocurrency investors, it is essential that they take security into consideration and are always in possession and control of their private keys. Cryptocurrency exchanges, apart from decentralized applications and peer-to-peer exchange protocols are custodial platforms. Hence, private keys of wallets and user funds are managed by a central entity. The centralization of funds leaves bitcoin and Ether stored on exchanges which are vulnerable to hacking attempts.
Bitfinex and Bithumb, two of the largest cryptocurrency exchanges by trading volume, have suffered two major hacking attacks in the past year, both of which resulted in huge losses.
Bithumb’s two security breaches were significantly smaller than that of Bitfinex in terms of losses. As such, Bithumb was easily able to handle the theft of user funds with its existing resources and capital. However, Bitfinex was not able to compensate more than $70 million it had lost from a successful hacking attack. Consequently, all of the users on Bitfinex suffered a haircut and 30 percent of their balances were deducted.
To avoid hacking attacks and loss of funds, investors and traders should develop a habit for using exchanges for the sole purpose of trading and relying on non-custodial wallet platforms to store cryptocurrencies.
Even with non-custodial platforms, at this time of the year in which a rapidly growing number of hackers are targeting cryptocurrency users, tight security measures must be implemented to prevent any vulnerabilities. The use of two-factor authorization, multi-signature technology and hardware wallets are advised in order to reduce the chance of hackers gaining access to funds.