- >Now that Bitcoin is Going Lunar, Should We Be Worried About Crypto Exchange Hacks?
Now that Bitcoin is Going Lunar, Should We Be Worried About Crypto Exchange Hacks?
You’ve probably noticed that bitcoin is reaching new all-time highs pretty much every week at the moment. What you may not have noticed, amid all of the bull-market exuberance, is that cryptocurrency exchange hacks seem to have increased in parallel with bitcoin’s price.
Simon Chandler | Jan 5, 2021
November brought us the Liquid breach, in which a hacker gained access to the Japan/Singapore-based exchange’s document storage (no crypto was apparently compromised). December went one better, bringing us two separate hacks: one affecting the UK-based EXMO exchange, and another affecting the Russian Livecoin platform.
This may be the beginning of a new trend, and with the price of bitcoin passing $29,000 at the end of 2020 and likely to rise even higher, cryptocurrency exchanges and payment rails are likely to become increasingly popular with hackers and cybercriminals. However, while longer-term holders should always store crypto in their own wallets, the major exchanges have been improving their security measures over the past one or two years, making a major Mt. Gox-style attack unlikely.
Bitcoin Price Rises, Crypto Exchange Hacks Rise
It’s safe to say there’s a strong positive correlation between bitcoin price rises and attempts to steal bitcoin. The first half of 2020 was fairly quiet when it came to crypto exchange hacks, yet bitcoin’s recovery from the lows of March saw a steady uptick in exploits.
September pushed the price of bitcoin up to almost $12,000, having been at $9,000 in July, and under $8,000 in April (not to mention March’s brief fall to under $4,000). It also witnessed two separate crypto exchange hacks:
Eterbase, which on September 9 had its hot wallets compromised, resulting in the loss of $5.4 million in bitcoin, ether, ALGO, XRP, tezos, and TRON.
KuCoin, which on September 26 also had its hot wallets compromised, with hackers running off with some $150 million in bitcoin and various ERC-20 tokens.
The bitcoin hacking scene remained subdued in October, for the majority of which the bitcoin price remained fairly stable, at under $12,000. But at the end of the month, the price jumped over $13,000, while at the beginning of November it quickly rose past $14,000 and then $15,000.
This obviously piqued the interest of hackers, with November 18 — when bitcoin’s price stood at around $17,500 — heralding the aforementioned Liquid hack. This was followed by the EXMO hack on December 21 (1 BTC = $23,000), and then the Livecoin hack on December 24 (1 BTC = $23,500).
The fact that these two hacks happened in such quick succession, and also when bitcoin was regularly setting new ATHs, should worry the cryptocurrency community. Because as the recent example of DeFi also shows, strong gains inevitably result in more hacking.
For example, a November CipherTrace report found that attacks against DeFi platforms accounted for 50% of all crypto hacks in the second half of 2020, “whereas in 2019 the DeFi hack volume was virtually negligible.”
The reason for this sudden growth is obvious: the total value locked into DeFi platforms expanded from $1 billion on June 1 to just under $15 billion by December 31.
Source: DeFi Pulse
This is growth of around 1,400%. And while the price of bitcoin has grown by ‘only’ 300% over the past year, we can expect a similar rise in hacking activity.
The Next Mt. Gox?
This expectation has in fact resulted in several prominent figures predicting that the “next Mt. Gox” is likely to happen sooner or later, now that bitcoin is riding high.
Likewise, some figures even suspect that “the next Mt. Gox” could come from one of the big payment services — such as Square and PayPal — which are now letting people buy and sell bitcoin, but which don’t let them control the private keys of their bitcoin.
Both lines of suspicion are troubling. On the one hand, many crypto exchanges — particularly smaller ones — appear to have holes in their security measures. Research from audit firm Hacken found in March 2020 that only 8% of the top 100 exchanges have “good” security, with 79.7% of exchanges lacking any kind of bug bounty program.
Likewise, the most recent crypto-exchange security report from ICORating (for 2019), concluded that only 16% of exchanges fall into its A category for security.
On the other hand, platforms like PayPal and Robinhood put users into a vulnerable position, in that they don’t let investors actually withdraw their bitcoin. While such platforms generally have better security than most exchanges (although they certainly aren’t infallible), this inability to take out bitcoin could come back to haunt users if PayPal or Robinhood suffer some kind of hack.
As such, anyone who plans to hold bitcoin or any other crypto for the long-term should really consider acquiring a reliable cryptocurrency wallet and withdrawing their funds to it.
Cryptocurrency Exchanges Are Tightening Up
A wallet really is a must for investors who don’t plan to sell up anytime soon. That said, major crypto exchanges have been improving their security measures in recent months and years.
After its infamous hack in 2019, for example, Binance introduced a raft of new security measures, in order to bolster its defences. Despite being ranked as the most secure exchange by ICORating, Kraken also introduced new security measures as recently as September, while Coinbase maintains a wide range of measures, including taking out insurance for its online funds and running a bug bounty program.
Indeed, cryptocurrency crime declined in value overall in 2020 (compared to 2019), so the major crypto-exchanges must be doing something.
Users can therefore feel secure when using these platforms, although everyone should take heed of Kraken CEO Jesse Powell, who has long warned against storing crypto on exchanges.
This is especially true when you realize that Hacken ranked KuCoin 6th on its March top 20 list of the most secure crypto-exchanges, while ICORating ranked Livecoin 11th.
In other words, even when an exchange has a strong reputation for security and reliability, don’t assume it’s invulnerable to attack. Buy a wallet, and make your funds SAFU.