The recent hack of the world's biggest cryptocurrency exchange, Binance, highlights the need for heightened security in the crypto space.
"The hackers used a variety of techniques, including phishing, viruses and other attacks," according to Binance CEO Changpeng Zhao in a May 7 blog post.
How did the theft occur? We are currently researching the attack, but from what we know Binance had the current state of the cybersecurity art in place.
The attacker(s) probably used a password stolen in a phishing attack, or they exploited a combination of vulnerabilities.
As Chairman of the Anti-Phishing Working Group, an organization that has been fighting eCrime and phishing for more than 16 years, I can tell you it's highly likely that phishing was an attack vector.
Phishers are casting their nets-and spears-at crypto companies in particular.
The Binance hack could have been an employee being duped into giving a password by a clever email ruse.
To access the network, exchange employees should be required to use an authentication app on their phone, a certificate on their computer to access the corporate VPN, and a password.
That way, if criminals phish an exchange worker's password or break it with brute force they're still not getting in.
The attacker can gain the password and even compromise one of the user's devices but that won't get all three factors.
Three ways to prevent exchange hacks-how 3FA can foil cryptocurrency exchange robberies
gepubliceerd op May 15, 2019
by Cryptoslate | gepubliceerd op Coinage
Interview: Ethereum development suite Truffle CEO on the future of dApps, regulation, and Libra
Coulter built a career specializing in software testing and developer support, which became extremely valuable in the early days of blockchain development.
Indian Minister: No Official Ban on Cryptocurrencies in India Yet
India's Minister of State for Finance Anurag Thakur has said that there is no law in India expressly prohibiting the use of cryptocurrencies.
Chiliz to Provide Official Crypto of Football Club AS Rome via Socios
Italian football club AS Roma will join blockchain-based voting platform Socios through a partnership with sports and entertainment blockchain firm Chiliz.
KPGM to Work With Microsoft, Tomia and R3 on Blockchain Telecom Solutions
Business advisory firm KPGM has partnered with tech companies Tomia, Microsoft and R3 to create a blockchain-based settlements solution for the telecom industry, in anticipation of 5G network services.