Are Crypto Exchange Failings Showing a Gap in User Security?

cryptonews.com:

Disclaimer: The text below is a press release that is not part of  Cryptonews.com  editorial content.

One thing that is becoming increasingly clear is the inability of trading platforms to secure their operations against increasingly sophisticated attacks by malicious parties.

Recent events have proved this. Bad actors were able to access 3Commas users’ API and withdraw approximately $20 million in funds. Just before that, a Binance user had his API key compromised leading to the hacker buying 1 million AXS tokens from his account.

The more you dive into this, the more incidences of weakened security you will find. Move back a year and you find that Crypto.com users started seeing their assets being withdrawn without their approval. This time, the party involved was able to circumvent Two Factor Authentication (2FA) - a key security tool used in the crypto industry.

This shows that clearly, crypto trading firms need to improve in using the right tools for securing their platform. The irony is that It’s not that hard to improve the current security.

Encryption is a friend, for both platforms and users. Using APIs that are encrypted and without withdrawal are the toughest out there. This ensures that service platforms do not have access to the funds or even personal data. Even in an event where the private keys are compromised, the hacker will not be able to withdraw the funds anyway if withdrawals are restricted by default.

But encrypted API keys are not enough on their own. Bad actors are getting smart and crypto trading platforms have to be smarter. Things like allowing only one API per user account can help limit hackers. 

Using advanced monitoring tools for counter-trading (where compromised APIs are used to make