cryptocurrency exchange India

Lessons to Learn from Crypto Hacks 

The global crypto markets have been showing staggering growth since 2016, and the journey has yet to be smooth. Besides the inherent uncertainty and volatility prevailing in the cryptocurrency exchange India market and others have received many notorious cybersecurity breaches and crypto hacks. At the same time, all these hacks have something to learn from each. 

Let’s discuss some top crypto hacks from which the crypto app India exchanges and traders can learn their lessons and identify the responsibility of handling crypto assets worth millions of dollars.

The top nine biggest crypto thefts in the past include:

Ronin Network-$614M

Poly Network-$611M

Coincheck-$547M

Mt.Gox-$480M

KuCoin-$285M

BitGrail-$170M

Bitfinex-$72M

Zaif-$62M

NiceHash-64M

The Ronin Network Crypto Heist, March 2022

The $625 million worth of crypto hack on the Ronin network, which is home to Axie Infinity, was the most recent and the largest exploit in the history of cryptocurrency networks. The gaming-focused network reported that ether lost 173,600 and 25.5 million USDC, valued at hundreds and millions of dollars in the exploit. 

How did it happen?

Ronin sidechain has nine validators deployed on its chain and needs five signatures for withdrawals. The security agreement is in place to protect the blockchain against these crypto attacks. But the attacker used a backdoor entry through Ronin’s gas-free RPC node. The node was abused to obtain the signature for the Axie DAO validator. As seen on Etherscan, the attacker used hacked private keys to forge fake withdrawals from the Ronin Bridge across two transactions. The exploit affected the validator nodes for Sky Mavis, responsible for publishing the Axie Infinity game and Axie DAO. 

The address deployed in this crypto theft was a new address that had transferred ETH from the top cryptocurrency exchange in India, Binance, one week before the attack. Except for the 6,250 ETH transferred to various other addresses, most of the loot remains in the attacker’s address. The Ronin network and Katana AMM have been paused until the investigations continue. 

The Poly Network Hack, August 2021

Another significant and most recent crypto attack is the Poly Network hack. Around $611 million worth of crypto assets were stolen from Poly Network On August 10, 2021. It is a smart contract platform where users can exchange tokens between blockchains like Ethereum and Bitcoin. 

How did it happen?

The attacker found a way to reach Poly Network’s security and buy tokens without selling the corresponding tokens on other blockchains. Within a week, the hacker returned the assets except for $33 million worth of USDT, as they had been frozen immediately after the attack. The attacker apparently said the hack was for ‘fun.’ But the hack revealed the drawbacks of the current Defi systems and experts understood some lessons needed to be learned to strengthen the security of the Defi ecosystem. 

The Coincheck Hack, January 2018

The $547 million hack happened when hackers breached the Coincheck Inc exchange’s system on August 10, 2021, and stole hundreds of millions of NEM tokens. Coincheck Inc. confirmed a security lapse but denied that it was an insider’s work. 

How did it happen?

Usually, crypto currency trading platform keep customers’ crypto assets in cold wallets that aren’t connected to external networks. Still, Coincheck keeps customer assets in hot wallets, vulnerable to outside attacks. Also, the exchange did not have multi-signature as an additional layer of wallet security. 

The 11 addresses to which the stolen NEM tokens were identified, but it could not be identified to whom these addresses belonged.

Each address has been labeled with the tag _accept_trades: owner_of_this_account_is_hacker. The developers of the NEM protocol developed a tracking tool that would help exchanges reject any trades concerning these stolen funds. 

Mt. Gox Crypto Heist, February 2014

This crypto hack was the most widely posted attack on a Japanese exchange, Mt. Gox. The heist ran up to $480 million in value, all in Bitcoin. Over 8,50,000 bitcoins were stolen or considered lost, which amounted to 7% of the total bitcoins in circulation. Their valuation would be in billions today.  

How did it happen?

The exchange was set up in 2010 as a site for trading ‘Magic the Gathering game cards. By 2014 the exchange was handling 70% of Bitcoin transactions. In February 2014, the exchange suspended its operations abruptly, closed its services, and filed for bankruptcy. Despite years of investigation, they couldn’t track the culprit and concluded that the Mt. Gox hack had been an outsider’s job. 

KuCoin Crypto Hack, September 2020 

KuCoin exchange, which has its headquarters in Singapore, became a victim of a $275 million cryptocurrency hack in September 2020. The theft involved $127 million worth of ERC20 tokens used in the Ethereum smart contracts.

How did it happen?

This hack was another incident where the exchange’s slack security mechanisms were responsible for the theft. The hackers started the attack by getting access to the private keys of the hot wallets belonging to the exchange. Later, almost all the funds were recovered, including 15% of the stolen funds covered under KuCoin’s insurance. And it was reported that none of the clients lost their crypto assets. 

Bottom Line

While cyber security will always remain an issue, there are specific ways via which you, as a trader, can ensure the safety of your assets. Regarding this, the first step is to choose a trusted crypto exchange like Bitcoiva. Check that the exchange’s security mechanisms are in place, including multi-signature wallets, KYC checks, two-way authentication, and other AML procedures. 

Next, make sure that the cryptocurrency exchange India doesn’t use hot wallet systems to store its client’s funds. As a preventive measure, if you aren’t actively trading your crypto assets, move them to a cold storage system that is an offline wallet or a hardware wallet to keep them protected. Never share your private keys with anyone. Always check the authenticity of the project in which you invest your funds. Invest in crypto projects that have been thoroughly audited in simple funds. And finally, make sure the crypto exchange India from where you are promoting your crypto trades has insurance to cover the losses in case of a cyber attack or hack.  

Head over to Bitcoiva for a safe and seamless trading experience!  

Visit us at: www.bitcoiva.com