The major South Korean publication Hani released a report that employees of a small Korean crypto exchange Bitkoex stupidly published information worth $650,000 in a group chat.
After the cyber-attack on Coinrail many experts and security specialists criticized the business model of crypto exchangers, who are trying to squeeze out as much profit as possible on a small budget.
Previously, Moon Mung-ki, director of the department of SK Infotech, owned by the largest telecommunications company SK, said that small and medium-sized crypto platforms in South Korea do not allocate funds at all for security and infrastructure development. This leads to the fact that users' private information and funds are constantly under threat.
“Small and medium-sized crypto exchanges are deliberately delaying the implementation of necessary security measures and are completely focused only on expanding their business,” Moon said, adding that any more or less experienced hacker can easily hack the security of a small digital exchange.
This week, one of the Bitkoex employees leaked personal information of users in a KakaoTalk group chat. The cost of the information was $650,000, which included valuable data such as private and public keys, data on the amount of user accounts, as well as the names of account owners. What happened with Bitkoex is not the result of a hacker or phishing attack, but the result of a controversial decision to share sensitive information in an unencrypted and unsecured group chat.
KakaoTalk is South Korea's most popular instant messenger and is known for its simplicity and accessibility, but it does not offer any options for encrypting messages or protecting information. One of the channel participants simply copied all the messages and, without thinking twice, threw them into the general chat.
However, the exchanger was subjected to the harshest criticism for the fact that upon learning about the information leak, its employees did not even bother to transfer the funds of their users to cold storage wallets. Ironically, prior to its launch in May, Bitkoex promised users to provide “a security system that is superior to those used by leading traditional financial institutions.”
No amount of regulation or security will be able to prevent exchangers from publishing private keys “just for fun.”.. Publishing private keys is the same as publishing information about bank accounts and passwords. The recent Bitkoex leak was the result of sheer stupidity, as well as the company's lack of desire to work on the security of its own product. No employee can or should have the authority to publish private keys.
According to ccn.com
You May Also Like
Searches are underway in the Upbit exchanger
South Korea's largest crypto exchange, Upbit, is suspected of fraud and is currently under investigation. Prosecutors raided the exchange and seized computers and account data.
FSS joined the investigation into violations of the UPbit exchange
South Korea's Financial Supervisory Service (FSS) has joined an investigation by the Financial Intelligence Unit (KIU) and the Financial Services Commission (FSC) into alleged irregularities at the country's largest cryptocurrency exchange, UPbit.
