The major South Korean publication Hani released a report that employees of a small Korean crypto exchange Bitkoex stupidly published information worth $650,000 in a group chat.
After the cyber-attack on Coinrail many experts and security specialists criticized the business model of crypto exchangers, who are trying to squeeze out as much profit as possible on a small budget.
Previously, Moon Mung-ki, director of the department of SK Infotech, owned by the largest telecommunications company SK, said that small and medium-sized crypto platforms in South Korea do not allocate funds at all for security and infrastructure development. This leads to the fact that users' private information and funds are constantly under threat.
“Small and medium-sized crypto exchanges are deliberately delaying the implementation of necessary security measures and are completely focused only on expanding their business,” Moon said, adding that any more or less experienced hacker can easily hack the security of a small digital exchange.
This week, one of the Bitkoex employees leaked personal information of users in a KakaoTalk group chat. The cost of the information was $650,000, which included valuable data such as private and public keys, data on the amount of user accounts, as well as the names of account owners. What happened with Bitkoex is not the result of a hacker or phishing attack, but the result of a controversial decision to share sensitive information in an unencrypted and unsecured group chat.
KakaoTalk is South Korea's most popular instant messenger and is known for its simplicity and accessibility, but it does not offer any options for encrypting messages or protecting information. One of the channel participants simply copied all the messages and, without thinking twice, threw them into the general chat.
However, the exchanger was subjected to the harshest criticism for the fact that upon learning about the information leak, its employees did not even bother to transfer the funds of their users to cold storage wallets. Ironically, prior to its launch in May, Bitkoex promised users to provide “a security system that is superior to those used by leading traditional financial institutions.”
No amount of regulation or security will be able to prevent exchangers from publishing private keys “just for fun.”.. Publishing private keys is the same as publishing information about bank accounts and passwords. The recent Bitkoex leak was the result of sheer stupidity, as well as the company's lack of desire to work on the security of its own product. No employee can or should have the authority to publish private keys.
According to ccn.com
You May Also Like
Bithumb will lower the withdrawal limit for anonymous clients
According to reports, one of South Korea's largest crypto exchanges, Bithumb, has announced a gradual reduction in the withdrawal limit for all accounts that have not passed real name verification, citing financial crime risks.
Exchanger Newdex lost $58,000, saving on security
Thieves counterfeited 1 billion EOS-based tokens, called them EOS, and placed them on the decentralized exchange Newdex. Since these coins were counterfeit and had no value, the hackers were able to earn approximately $58,000 in BLACK, IQ, and ADD tokens.
