The major South Korean publication Hani released a report that employees of a small Korean crypto exchange Bitkoex stupidly published information worth $650,000 in a group chat.
After the cyber-attack on Coinrail many experts and security specialists criticized the business model of crypto exchangers, who are trying to squeeze out as much profit as possible on a small budget.
Previously, Moon Mung-ki, director of the department of SK Infotech, owned by the largest telecommunications company SK, said that small and medium-sized crypto platforms in South Korea do not allocate funds at all for security and infrastructure development. This leads to the fact that users' private information and funds are constantly under threat.
“Small and medium-sized crypto exchanges are deliberately delaying the implementation of necessary security measures and are completely focused only on expanding their business,” Moon said, adding that any more or less experienced hacker can easily hack the security of a small digital exchange.
This week, one of the Bitkoex employees leaked personal information of users in a KakaoTalk group chat. The cost of the information was $650,000, which included valuable data such as private and public keys, data on the amount of user accounts, as well as the names of account owners. What happened with Bitkoex is not the result of a hacker or phishing attack, but the result of a controversial decision to share sensitive information in an unencrypted and unsecured group chat.
KakaoTalk is South Korea's most popular instant messenger and is known for its simplicity and accessibility, but it does not offer any options for encrypting messages or protecting information. One of the channel participants simply copied all the messages and, without thinking twice, threw them into the general chat.
However, the exchanger was subjected to the harshest criticism for the fact that upon learning about the information leak, its employees did not even bother to transfer the funds of their users to cold storage wallets. Ironically, prior to its launch in May, Bitkoex promised users to provide “a security system that is superior to those used by leading traditional financial institutions.”
No amount of regulation or security will be able to prevent exchangers from publishing private keys “just for fun.”.. Publishing private keys is the same as publishing information about bank accounts and passwords. The recent Bitkoex leak was the result of sheer stupidity, as well as the company's lack of desire to work on the security of its own product. No employee can or should have the authority to publish private keys.
According to ccn.com
You May Also Like
US crypto platforms will discuss self-regulation issues
The task force, led by exchanger Gemini, will hold its first meeting in September. At it, its members will discuss the possibility of creating a self-regulatory organization (SRO), whose task will be to monitor the growing US cryptocurrency market.
Sorry Bittrex, but I'm leaving you for Binance
All users should be aware that the Bittrex exchange is currently registered in Seattle, Washington. At first glance, this may not seem like a problem at all. However, this is the same state where another well-known exchanger, Poloniex, began its work.
