Decentralized Exchange Waves Gets Hacked After $6 Million Debut

Launched July 24, 2018, Waves Decentralized Exchange allows users to exchange and issue their own tokens almost instantly.

Amidst a successful $6 million launch, Waves experienced a security breach that uncovered greater issues to the network.

Waves decentralized exchange reported $6 million in daily trading volume during its beta testing in June 2018, according to data by CoinDesk.

On its July 24 debut, hackers exploited the platform's security flaws to hijack both the company's main site and the exchange site to phish for users' personal wallet information.

The issue was resolved after a few hours, and Waves reported that no customer funds were lost.

Hackers breached the websites by submitting fake identification credentials to Waves support, claiming to be the Waves CEO and requested a password reset.

As a decentralized exchange, Waves operates with minimal Know-Your-Customer standards and requires user identification only when issuing a new token or during a withdrawal to fiat cashout.

Wave's recent phishing attack was followed by criticism for the platform's more pressing security flaws, citing its centralized matchmaker which can deny trades and store of user wallet passwords.

Users must submit their recovery seeds - a sequence of words used to access crypto wallets - into a website to use the Waves software wallet.

According to a blog post, the platform already processed 30 million transactions and garnered 90,000 traders and 330,000 active wallets by launch - dwarfing its competitors in early userbase and trading volume.