Hacks will continue because of loose or zero regulatory oversight over the lopsided interests of buyers and sellers, says one expert.
Approximately US$150m in user funds have been affected following a major security breach at KuCoin Global. The firm’s Bitcoin, Ether and ERC20 hot wallets were affected, and trading was suspended to prevent the hackers from selling the stolen funds.
According to one expert, the hacker or hackers tried to sell the funds on Binance and did not swap the tainted USDT on Curve. Due to prompt trading restrictions, the price of Bitcoin and major cryptocurrencies remained relatively stable—an unusual reaction given that previous breaches had caused havoc.
Weighing in on the incident, James Gillingham, CEO and Co-Founder of Finxflo, has shared his views regarding cybersecurity on crypto exchanges:
“Crypto exchanges have worked hard since the Mt. Gox hack back in 2014 to incrementally increase security. The issue they faced then, and continue to face today, is the hot wallet infrastructure, which is something most exchanges still struggle with. Hot wallets, by nature, keep assets easily accessible by users in order to execute trades at the click of a button—traders and participants do not want to be waiting to seize the next market entry point. Exchanges want to keep their clients’ funds in a hot environment, and have them trade as much as possible for their business to grow and to continue earning trading commissions and fees.
Both parties see the upside of such an agreement and collaboration, but is it the safest for both parties? In my opinion, no.”
Hacks WILL continue because …
Gillingham said that the exchange does not want to be blacklisted for being hacked, and clients do not want to have their assets stolen with zero trace or ability for retrieval. This means that inevitably, hacks will continue. “Due to most exchanges having very loose or even zero regulatory oversight, this means code reviews and penetration tests are not a given. Someone somewhere might overlook a key entry point for hackers to enter—this applies to both CeFi and DeFi.”
Then come the newer technology measures: 2FA, face verification, and trigger/kill switches that shut down the tech stack if large transactions are executed above rate limits. These still do not solve the problem. “Hacks have declined in CeFi but continue to be rife in DeFi, with Ethereum Classic being created due to a hack on one of the world’s largest protocols. In the CeFi world, the latest measures are reducing but not stopping all hacks. The introduction of some exchanges having multi-sig and insurance goes some way to help, but still does not solve the problem. It is still extremely tough to tell if any insurance companies will pay customers if a hack is found to be in code. Multi-sig works but again, slow withdrawal speeds do not make customers happy.”
Lessons learned?
Gillingham has seen margin trading take a large bite out of the crypto-deliverable spot market volumes because it requires only a small portion of collateral to execute a larger position. He mentioned how his own platform allows clients’ funds to stay in a regulated, insured, multi-sig environment with instant withdrawals, and ensures clients’ funds never sit on any exchange or infrastructure that cannot be validated as secure.
“We use our own capitalization to place collateral, where our sophisticated clients and institutional players rebalance and clear any P+L at the end of each day. We take pride in minimizing the risk to our clients’ assets on any exchange as much as we can.”
Hopefully, cryptocurrency trading platforms know the bare facts asserted by Gillingham and can rise up to the cybersecurity challenge going forward.