Crypto exchanges remain one of the most targeted platforms in 2019. Here’s the full list of victim companies.
- Hackers have stolen over $4 billion in cryptocurrency thefts in the first six months of 2019.
- Many of these breaches involved multiple techniques such as SIM swapping, phishing, and URL hijacking to take over user administrator accounts.
Recently, the popular cryptocurrency exchange BitMEX accidentally leaked at least 23,000 user email addresses to its customers due to a software issue. Most likely, the incident occurred after an employee misused the email software’s ‘carbon copy’ field.
Following the breach, the firm advised its customers to reset the passwords of their accounts.
While BitMEX’s security breach incident was averted on time, thus preventing attackers from collecting passwords, the year 2019 saw more than this when it comes to hacks on crypto exchange platforms.
According to a study from CipherTrace, hackers have stolen over $4 billion in cryptocurrency thefts in the first six months of 2019. Many of these breaches involved hackers employing multiple techniques such as SIM swapping, phishing, and URL hijacking to take over user administrator accounts.
Here’s a list of the crypto exchange platforms that suffered significant losses in 2019 due to their security lapses or cyberattacks.
Binance - Hackers leveraged phishing and malware attacks to gain access to Binance user accounts and withdrew 7,000 Bitcoin - worth nearly $41 million. The amount was stolen from Binance’s hot wallet and transferred to several smaller accounts.
Bitpoint - Attackers breached this Japan-based cryptocurrency exchange platform and stole over $32 million worth of cryptocurrency assets that included Bitcoin, Bitcoin Cash, Litecoin, Ripple, and Ethereal. The fund was stolen from both of its ‘hot’ and ‘cold’ wallets.
Bitrue - This Singapore-based cryptocurrency trading platform was hacked to steal $4.25 million worth of 9.3 Ripple coins and $225,000 worth of Cardano coins. The threat actor reportedly exploited a vulnerability in Bitrue’s Risk Control team’s second review process in order to gain access to users’ personal funds.
QuickBit - This Swedish cryptocurrency exchange exposed the personal information of almost 300,000 customers due to an unprotected MongoDB database. The exposed information includes customers’ names, addresses, email addresses, and credit card information.
DragonEX and CoinBene - Both of them suffered cyberattacks resulting in a compromise of over $1 million and $45 million respectively. While DragonEX admitted of the attack to have taken place on March 24, 2019, CoinBene, at that point in time, had denied the hack by informing its users that the platform was undergoing maintenance.
Bithumb - The cryptocurrency exchange platform suffered a cyberattack on March 29, 2019. Attackers have stolen 3 million EOS worth $13.4 million and 20 million Ripple coins (XRP) worth $6 million.
Coinbase - A SIM Swapping attack on an engineering manager of BitGo, had enabled attackers to siphon off over $100,000 from the cryptocurrency exchange Coinbase.
Coinmama - This Israel-based crypto brokerage had suffered a major data breach affecting 450,000 of its users. The firm revealed that around 450,000 email addresses and hashed passwords were posted on a dark web registry.