The major South Korean publication Hani released a report that employees of a small Korean crypto exchange Bitkoex stupidly published information worth $650,000 in a group chat.
After the cyber-attack on Coinrail many experts and security specialists criticized the business model of crypto exchangers, who are trying to squeeze out as much profit as possible on a small budget.
Previously, Moon Mung-ki, director of the department of SK Infotech, owned by the largest telecommunications company SK, said that small and medium-sized crypto platforms in South Korea do not allocate funds at all for security and infrastructure development. This leads to the fact that users' private information and funds are constantly under threat.
“Small and medium-sized crypto exchanges are deliberately delaying the implementation of necessary security measures and are completely focused only on expanding their business,” Moon said, adding that any more or less experienced hacker can easily hack the security of a small digital exchange.
This week, one of the Bitkoex employees leaked personal information of users in a KakaoTalk group chat. The cost of the information was $650,000, which included valuable data such as private and public keys, data on the amount of user accounts, as well as the names of account owners. What happened with Bitkoex is not the result of a hacker or phishing attack, but the result of a controversial decision to share sensitive information in an unencrypted and unsecured group chat.
KakaoTalk is South Korea's most popular instant messenger and is known for its simplicity and accessibility, but it does not offer any options for encrypting messages or protecting information. One of the channel participants simply copied all the messages and, without thinking twice, threw them into the general chat.
However, the exchanger was subjected to the harshest criticism for the fact that upon learning about the information leak, its employees did not even bother to transfer the funds of their users to cold storage wallets. Ironically, prior to its launch in May, Bitkoex promised users to provide “a security system that is superior to those used by leading traditional financial institutions.”
No amount of regulation or security will be able to prevent exchangers from publishing private keys “just for fun.”.. Publishing private keys is the same as publishing information about bank accounts and passwords. The recent Bitkoex leak was the result of sheer stupidity, as well as the company's lack of desire to work on the security of its own product. No employee can or should have the authority to publish private keys.
According to ccn.com
You May Also Like
Line Tech Plus launched a new crypto exchanger
Japanese internet company and operator of the country's most popular instant messenger, Line Corporation, today launched a new cryptocurrency exchange platform - Bitbox. The crypto exchange, operated by Singapore-based subsidiary Line Tech Plus, will allow trading of 28 cryptocurrencies, including Bitcoin, Ethereum, Bitcoin Cash, Litecoin. The platform will support 15 languages, including Korean, Chinese and English.
Exchanger Bitoasis is trying to reach an agreement with GCC regulators
According to Arabian Business, Dubai-based cryptocurrency exchange Bitoasis said it is working with Gulf Cooperation Council (GCC) regulators to “create a regulatory framework in light of the Saudi Arabian government's ban on digital currencies.” The exchanger's website states that its services are currently available in the UAE, Kuwait, Bahrain, Oman and Saudi Arabia.
