Posted on

QuadrigaCX Reportedly Stored ETH on Kraken, Bitfinex and Poloniex, Research Finds

QuadrigaCX probably stored a significant quantity of Ethereum in other cryptocurrency exchanges, the evidence shows.

Cryptocurrency exchange QuadrigaCX probably stored a significant quantity of Ethereum (ETH) in other crypto exchanges, according to new evidence. This claim was made in a report published by crypto research and consulting platform ZeroNonCense on Feb. 28, which obtained corroborating information from Kraken CEO Jesse Powell and MyCrypto CEO Taylor Monahan.

More precisely, the author of the report reportedly “believes that there is a very strong possibility” that nearly 650,000 ETH belonging to QuadrigaCX were stored on the Kraken, Bitfinex and Poloniex crypto exchanges during QuadrigaCX’s operations. The report claims that the fact that QuadrigaCX had accounts on all those exchanges is established and proven, and that at the time they were sent, the funds were worth over $100 million.

As Cointelegraph reported in February, following the sudden death of its founder Gerry Cotten, cryptocurrency exchange QuadrigaCX was reportedly missing CA$190 million dollars ($145 million) in digital assets.

ZeroNonCense explains that — given the affidavit of the founder’s widow Jennifer Robertson that neither she nor other individuals involved with the exchange knew where Cotten stored the crypto assets — it is possible that they were not aware of these storage practices.

According to the report, Robertson also claimed in the affidavit that Cotten may have stored some of QuadigaCX’s funds on other exchanges. A report by Big Four audit firm Ernst & Young, which claimed that the exchange’s cold wallets have been empty and unused since April 2018, could be explained by the possibility that the assets are instead stored on those exchanges, ZeroNonCense hints.

The report concludes that if QuadrigaCX’s funds are still on the aforementioned exchanges, their retrieval should be trivial and could allow the platform to regain solvency and resume its operations.

As Cointelegraph reported at the beginning of February, ZeroNonCense previously released a report claiming that QuadrigaCX never had the $190 million in Bitcoin (BTC) it supposedly lost access to when its CEO unexpectedly died.

Also in February, news broke that Canadian banks have shown hesitation concerning the management of insolvent cryptocurrency exchange QuadrigaCX’s assets because of money laundering concerns.

Posted on

Bitfinex and Ethfinex To Go Offline on 7th January for a Complete Data Migration to New Servers

The team at both Bitfinex and Ethfinex has announced that they plan a scheduled ‘shutdown’ on the 7th of January 2019, to facilitate the final stages of a currently ongoing data migration to dedicated bare-metal servers. The exact timing is yet to be announced by the team at iFinex but the two exchanges will go offline for a duration of between three and seven hours. 

Why the Migration?

The parent company of both Bitfinex and Ethfinex – iFinex – is switching from AWS (Amazon Web Services) cloud to self-designed infrastructure hosted in a data center at the heart of the Crypto Valley in Switzerland. iFinex has selected premium hardware for its dedicated servers that will optimized to handle high volume trading.

What remains now, is the the last stage to complete the process of migrating data to the new servers. The team explained via the announcement, why they are migrating to the new servers:

From superior quality APIs, to margin trading and breadth of order types, iFinex are constantly innovating to provide the most sophisticated trading platform in the market.

Data migration to dedicated bare-metal servers is atypical in our industry, and we have modeled our approach on traditional stock exchange operations.

It has been a considerable undertaking, but one we felt was integral to provide a service up to the standard that professional traders are used to in other sectors.

Benefits of the New Dedicated Bare-Metal Servers

Migrating to the new servers will provide the following benefits:

  • Increased speed – performance will be 2x faster but dependent on how far the traders’ servers are located from the new data-center
  • Advanced security – the dedicated bare-metal servers will be more secure, self-hosted thus eliminating any third-party service. Through a partnership with Market Synergy, the servers will be video and movement monitored 24/7 all year round, with military grade access to the data center

Effects on the Downtime for the Trader

During the data migration at Bitfinex and Ethfinex, traders will not be able to access the trading platforms. All features on the platforms will be offline during the upgrade.

Funds will however be safe and unaffected. No orders will be executed and any open orders will be kept as is. The open orders will resume as soon as the platforms are back online.

Traders to Plan Ahead to Avoid Liquidations Due to Price Movements during the 3 – 7 Hours

The team at the exchanges went on to clarify that no trades will be liquidation during the downtime.

However, due to significant price movements in the crypto markets during the 3 – 7 hours time period, traders are advised to take necessary precautions ahead of time to avoid liquidations.

What are your thoughts on Bitfinex and Ethfinex migrating their data to dedicated servers in Switzerland? Please let us know in the comment section below. 

The post Bitfinex and Ethfinex To Go Offline on 7th January for a Complete Data Migration to New Servers appeared first on Ethereum World News.

Posted on

Report Claims Over 80 Percent of Top 25 BTC Trading Pair Volumes on CMC Are Wash Traded

A new report claims the majority of the top 25 BTC trading pairs listed on CoinMarketCap (CMC) are based upon “grossly” inflated false volumes.

A new report from data researchers at the Blockchain Transparency Institute (BTI) claims that the majority of the top 25 Bitcoin (BTC) trading pairs listed on CoinMarketCap (CMC) are based upon “grossly” inflated false volumes. The researchers’ findings for December were published in BTI’s “Exchange Volumes Report” on Dec. 13.

BTI presents its report as “a deeper dive into specific trading pairs on exchanges which are showing clear evidence of wash trading.” The data has reportedly been compiled by using algorithms to analyze volume data points and order books, as well as by consulting with “market makers, high frequency traders, and trade surveillance consultants” over a period of three months.

The Institute states it has thereby “calculated the true volume of the CMC top 25 BTC trading pairs,” finding that:

“Most of these pairs’ actual volume is under 1% of their reported volume on CMC. We noted only 2 out of the top 25 pairs not to be grossly wash trading their volume, Binance and Bitfinex.”

Wash trading” is the term for a process whereby a trader (or bot) buys and sells an asset for the express purpose of artificially inflating volumes to falsely signal interest in that asset, thereby feeding misleading information to the market. The report concludes that, based on its findings, “over 80% of the CMC top 25 BTC pairs volume is wash traded.”

BTI’s volume analysis for the top 25 BTC trading pairs on CoinMarketCap. Source: BTI

Liquid also shows a 100 percent match of its reported volume to its actual volume over a 24 hour period.

Among those high-profile crypto exchanges reportedly engaging in wash trading is allegedly OKex. According to BTI, algorithms detected manipulation for “just about all” its top 30 traded tokens. Based on this evidence, BTI states it has added the exchange to its “Exchange Advisory List,” which it has compiled in order to caution token creators against paying listing fees to certain exchanges.

“Clear evidence” of wash trading was also found for Huobi and HitBTC, “but to a lesser degree” than OKEx, according to the report. BTI further states it analyzed Bithumb and found “a large amount” of wash trading primarily with altcoins Monero (XMR), Dash, Bitcoin Gold and ZCash (ZEC); the “top wash traded tokens” on Bithumb, according to the report, vary for each given month.

According to BTI, many crypto exchanges with seemingly high reported volume in truth “exist solely to collect [listing] fees while their bots run their exchanges.” The report estimates that the average crypto token project spent “over $50,000 this year” on listing fees from exchanges on its cautionary Advisory List, with around $100 million spent in 2018. “Over 50 exchanges […] wash trading over 95% of their volumes,” the report continues, some of them making “over” $1 million this year solely via fees.

As reported, the United States Commodity Futures Trading Commission (CFTC) has this year demanded extensive trading data from several crypto exchanges as part of a probe into possible manipulation in the crypto spot markets and its potential impact on BTC futures.

Also this year, the U.S. Department of Justice (DOJ) opened a separate investigation into BTC and Ethereum (ETH) price manipulation, looking into how traders may be manipulating prices through illegal spoofing and wash trading.

Posted on

BTI Report: Only Binance and Bitfinex Exchanges Are Not Falsifying Trade Volume Data

The Blockchain Transparency Institute (BTI), has released its December 2018 Exchange Volumes Report. The report goes on to state taht only two out of twenty five top cryptocurrency exchanges are actually reporting accurate trade volume. These two exchanges are Bitfinex and Binance. The rest of the exchanges are involved in wash trading that inflates their trade volume figures thus providing inaccurate information.

Evidence of Wash Trading By Some Exchanges

The report also claims that there is clear evidence of wash trading by majority of the exchanges. It states:

For our December report we’ve taken a deeper dive into specific trading pairs on exchanges which are showing clear evidence of wash trading.  This has always been our goal, however we wanted to make sure this data was as accurate as possible, so we’ve been updating and perfecting these algorithms over the past 3 months.

During this time, we have spent countless hours watching order books, analyzing volume data points, and speaking with market makers, high frequency traders, and trade surveillance consultants. We have collected an enormous amount of data and we now feel confident to begin releasing these figures…

Included in this report we have calculated the true volume of the CMC top 25 BTC trading pairs. Most of these pairs actual volume is under 1% of their reported volume on CMC. We noted only 2 out of the top 25 pairs not to be grossly wash trading their volume, Binance and Bitfinex.

Wash Trading is a form of market manipulation in which an investor simultaneously sells and buys the same financial instruments to create misleading, artificial activity in the marketplace.

Below is a screenshot from the report showing which exchanges are practicing wash trading.

List of exchanges and their real volume. Source, BlockchainTransparency.org

Summary of the Report by BTI

The report has highlighted the following:

  • 4 different bot strategies are used to inflate exchange volume numbers. These bots are set at different trading pairs depending on the time of day. Settings are constantly changed based on current volume trends and hype around a specific token
  • The top 25 Bitcoin trading pairs on Coinmarket Cap is under 1% of their reported volume
  • Only Bitfinex and Binance exchanges are not practicing wash trading
  • OKEx’s top 30 tokens are engaged in wash trading. The exchange has benefited the most from Coinmarket Cap’s referral traffic. By adjusting the volume of OKEx, the exchange still manages to be in the top 10 according to trade volume
  • Huobi is also wash trading its top 25 pairs but to a lesser degree than OKEx
  • HitBTC is wash trading its top 25 pairs
  • Bithumb is wash trading Monero, Dash, Bitcoin Gold, and ZCash. Wash traded tokens on Bithumb appear to change depending on the month
  • Listing fees are big business with the average project spending over $50,000 to get listed
  • The team at BTI has compiled an advisory list of exchanges that they believe are wash trading and benefiting from listing fees. The list can be found here

Conclusion on Wash Trading

The report concludes the following about the wash trading activities.

Based on this data over 80% of the CMC top 25 BTC pairs volume is wash traded. These exchanges continue to use these strategies as a business model to steal money from aspiring token projects.

Advice to Projects Planning on Finding an Exchange to List their Tokens

The report advised projects planning to have their tokens listing on exchanges:

We advise any token project to contact us regarding any exchange requesting large listing fees, especially those on our Advisory List.

Many of these exchanges exist solely to collect these fees while their bots run their exchanges.

We also have data on fair listing fee costs for exchanges which are not using wash trading bots. We’ve had reports on fees ranging from 2BTC up to 75BTC.

Methodology of the BTI Reports

The BTI reports have evolved from simply focusing to web traffic, to now include data collected from exchanges on mobile app usage and API trading. For the December report, the team at BTI has also explored specific trading pairs on exchanges.

What are your thoughts on the new report by Blockchain Transparency Institute that states that only 2 major exchanges are actually reporting accurate trade volume? Do you think that the report is accurate? Please let us know in the comment section below. 

Disclaimer: This article is not meant to give financial advice. Any additional opinion herein is purely the author’s and does not represent the opinion of Ethereum World News or any of its other writers. Please carry out your own research before investing in any of the numerous cryptocurrencies available. Thank you.

The post BTI Report: Only Binance and Bitfinex Exchanges Are Not Falsifying Trade Volume Data appeared first on Ethereum World News.

Posted on

Binance’s Bitcoin (BTC) Trading Share Falters In Crypto Bear Market

Binance’s Bitcoin (BTC) Trading Dominance Dives

Another week, another crypto-centric analytics report from Diar, a leading research unit in the nascent cryptocurrency ecosystem. In the startup’s most recent installment, released on Monday, Diar drew attention to the ever-changing role that Bitcoin (BTC) and that exchanges that support it have played in the cryptocurrency market at large. Interestingly, per data compiled by Diar, sourced from this industry’s foremost exchanges, Binance’s nearly-unquestioned hegemony over crypto may be at risk.

According to Diar, “Bitcoin trading volumes have taken a hit across major token exchanges over the course of 2018.” The research team, doing their best to portray this happenstance, noted that while Binance continues to dominate the crypto trading scene, its in-house BTC/USD(T) pair only accounts for 32% of the entire market’s total BTC/USDT volume. While this may seem like a hefty figure in and of itself, considering that this statistic for Binance peaked at 47% in June, the unprecedented growth of interest in altcoins through Binance may be worrying to Bitcoin’s diehard maximalists.

Binance isn’t alone in its inability to attract active Bitcoin traders. Hong Kong-based Bitfinex saw its BTC/USD market undergo an even worse popularity decline, with the pair now only amounting for 27% of the market’s aggregate BTC/USD volume, compared to 51% at the turn of 2017. This can likely be attributed to the platform’s uncanny ability to generate immense controversy in recent months, as seen by the Tether debacle and banking qualms.

Interestingly, “State-side” platforms, exchanges based in America, have “suffered” the largest losses in BTC/USD in recent months, with Bittrex and Polniex now only accounting for 2.7% of Bitcoin trading volumes.

There’s been one notable outlier in this case of ‘bear market blues’, with OkEX, widely lauded as Binance’s primary competitor, seeing its primary BTC market post a 6x market share gain since January.

Report: Crypto Market To Consist Of 66% Bitcoin in 2019

Although Diar’s report didn’t paint a positive picture for the short to mid-term prospects for Bitcoin’s hegemony over the cryptosphere, as it seems that traders are looking to altcoins yet again, a number of analysts from A.T. Kearney expect for BTC to continue to rule over altcoins with an iron fist, no holds barred.

Per reports from Forbes contributor Panos Mourdoukoutas, who has taken a liking to Bitcoin, A.T. Kearney, a multinational management consulting firm, reportedly issued a report specifically on Bitcoin’s market dominance statistic, which is currently situated at 55%. The corporation noted that it expects for the statistic to “nearly” reach two-thirds of the aggregate capitalization of cryptocurrencies. Citing reasons for this ~66% target, which isn’t out of the realm of possibility, the American firm purportedly stated that altcoins have “lost their luster” due to growing risk aversion tactics enlisted by retail investors.

Investors’ growing penchant for liquidating their altcoin positions for Bitcoin can potentially be chalked up to the U.S. SEC’s renewed crackdown on ICO-funded tokens. Just recently, the American financial regulator fined AirFox and Paragon, two lesser-known ICOs, in a precedent-setting case, instilling fear throughout the crypto investor base as a whole. As is common practice, if there aren’t enough rewards to justify the risk, investors won’t allocate capital to the asset class in question. This case with altcoins, a majority of which were parented by ICOs, is undoubtedly no different.

However, A.T. Kearney says this isn’t exactly the case, with the firm drawing attention to the ever-growing complexity of the nascent altcoin subset. Courtney Rickert McCaffrey at A.T. Kearney wrote:

“Our prediction is that Bitcoin will regain its dominance is supported by the ever-growing complexity among altcoins, most recently demonstrated by the ‘hash war’ that occurred in the Bitcoin Cash ecosystem.”

Although this isn’t a well-documented issue, a number of crypto-centric consumers took to Twitter during Bitcoin Cash’s hard fork to express how confusing the whole fracas was. This, of course, only legitimizes the aforementioned firm’s report, albeit only be a smidgen.

Title Image Courtesy of Andre Francois Via Unsplash

The post Binance’s Bitcoin (BTC) Trading Share Falters In Crypto Bear Market appeared first on Ethereum World News.

Posted on

Bitfinex, Ethfinex Add Four More USD-Backed Stablecoins

Major crypto exchange Bitfinex and its spin-off Ethfinex has introduced support for four more fiat-backed stablecoins.

Cryptocurrency exchange Bitfinex and its spin-off Ethfinex have added support for four new major USD-backed stablecoins, according to an blog post published Dec. 4.

Per the announcement, both exchanges have introduced stablecoins USDC, True USD (TUSD), Paxos (PAX) and the Gemini dollar (GUSD) in a bid to keep the platforms “agnostic.” The four new stablecoins join the already supported Ethereum-backed coin DAI and the industry stalwart, Tether (USDT), all to be traded against USD.

Explaining the move as an effort to provide an “unbiased meeting place” for crypto traders, the exchanges note that deposits and withdrawals for the newly added stablecoins are limited to verified traders within their platforms, while trading verification status does not affect trading.

The move follows the introduction of direct USDT-fiat trading in late November, through the addition of USDT/USD and EURT/EUR trading pairs on the Bitfinex platform. That update was made in conjunction with the launch of direct 1:1 redemptions of USDT to fiat on Tether’s platform.

The move from Bitfinex and Ethfinex places them into the ranks of major digital currency exchanges actively listing stablecoins on their platforms. Last month, major crypto exchange Binance announced it would list Circle’s USD-pegged stablecoin USDC, subsequently renaming its USDT Market into a combined Stablecoin Market (USDⓈ).

In October, top crypto exchanges OKEx and Huobi both added four USD-backed stablecoins at once.

Posted on

Bitfinex and Ethfinex to List 4 New Stablecoins: TUSD, USDC, PAX and GUSD

A few hours ago, and via twitter and Medium, Bitfinex announced that it was adding four additional stablecoins. The newly added stablecoins would also be listed on Ethfinex: the Ethereum token centered version of Bitfinex.

The four newly listed stablecoins are as follows.

  • USD Coin (USDC)
  • True USD (TUSD)
  • Paxos Standard (PAX)
  • Gemini USD (GUSD)

The new additions brings the total tally of stablecoins on the two platforms to six. The other stablecoins are Tether (USDT) and Dai (DAI).

Trading Effective 4th December and Why Bitfinex and Ethfinex Added the Stablecoins

The announcement by Bitfinex went on to explain that trading of the stablecoins was effective immediately on the date of the announcement: December 4th 2018. The exchange went on to explain why the team chose to add the new stablecoins.

Following the Tether boom in 2017, the stablecoin market has rapidly expanded with five alternatives of note launching from March 2018.

At Bitfinex and Ethfinex we are dedicated to providing a high quality, unbiased meeting place for every ecosystem and customer. We were the first to introduce alternative stablecoins onto our platform, including Dai (an Ethereum collateralised stablecoin), and now proudly introduce the following established stablecoins: USDCTrue USDPaxos, and Gemini USD. All stablecoins on Bitfinex and Ethfinex will be traded against USD

Tether’s (USDT) Dominance Continue’s to Reduce

The addition of 4 new stablecoins follows a similar path by other exchanges such as Binance and Huobi. With the bear market still in full effect, crypto traders and enthusiasts have developed a liking for stablecoins to hedge against times of volatility such as the recently ‘concluded’ hash wars between Roger Ver and Craig Wright.

Another factor to consider, is the entry of institutional investors who might not have a liking for Tether (USDT) given the coin’s past controversies that include Bitcoin manipulation as well as the parent company not being able to account for its USD reserves. Such uncertainty has led to exchanges such as Gemini, creating their own stablecoin as well as Paxos Standard getting the credibility needed through being registered in the United States. By registering in the US, PAX provides a secure option for Wall Street investors since it is fully regulated.

The irony of Bitfinex and Ethfinex listing the four aforementioned stablecoins, is that the earlier mentioned Bitcoin manipulation using USDT was allegedly carried out on Bitfinex. But the additional 4 stablecoins adds much needed credibility to the exchange. It shows that Bitfinex is willing to become a platform that caters for the needs and concerns of traders.

What are your thoughts of Bitfinex and Ethfinex listing four additional stablecoins? Please let us know in the comment section below. 

Disclaimer: This article is not meant to give financial advice. Any additional opinion herein is purely the author’s and does not represent the opinion of Ethereum World News or any of its other writers. Please carry out your own research before investing in any of the numerous cryptocurrencies available. Thank you.

The post Bitfinex and Ethfinex to List 4 New Stablecoins: TUSD, USDC, PAX and GUSD appeared first on Ethereum World News.

Posted on

Bitfinex and Ethfinex to List 4 New Stablecoins: TUSD, USDC, PAX and GUSD

A few hours ago, and via twitter and Medium, Bitfinex announced that it was adding four additional stablecoins. The newly added stablecoins would also be listed on Ethfinex: the Ethereum token centered version of Bitfinex.

The four newly listed stablecoins are as follows.

  • USD Coin (USDC)
  • True USD (TUSD)
  • Paxos Standard (PAX)
  • Gemini USD (GUSD)

The new additions brings the total tally of stablecoins on the two platforms to six. The other stablecoins are Tether (USDT) and Dai (DAI).

Trading Effective 4th December and Why Bitfinex and Ethfinex Added the Stablecoins

The announcement by Bitfinex went on to explain that trading of the stablecoins was effective immediately on the date of the announcement: December 4th 2018. The exchange went on to explain why the team chose to add the new stablecoins.

Following the Tether boom in 2017, the stablecoin market has rapidly expanded with five alternatives of note launching from March 2018.

At Bitfinex and Ethfinex we are dedicated to providing a high quality, unbiased meeting place for every ecosystem and customer. We were the first to introduce alternative stablecoins onto our platform, including Dai (an Ethereum collateralised stablecoin), and now proudly introduce the following established stablecoins: USDCTrue USDPaxos, and Gemini USD. All stablecoins on Bitfinex and Ethfinex will be traded against USD

Tether’s (USDT) Dominance Continue’s to Reduce

The addition of 4 new stablecoins follows a similar path by other exchanges such as Binance and Huobi. With the bear market still in full effect, crypto traders and enthusiasts have developed a liking for stablecoins to hedge against times of volatility such as the recently ‘concluded’ hash wars between Roger Ver and Craig Wright.

Another factor to consider, is the entry of institutional investors who might not have a liking for Tether (USDT) given the coin’s past controversies that include Bitcoin manipulation as well as the parent company not being able to account for its USD reserves. Such uncertainty has led to exchanges such as Gemini, creating their own stablecoin as well as Paxos Standard getting the credibility needed through being registered in the United States. By registering in the US, PAX provides a secure option for Wall Street investors since it is fully regulated.

The irony of Bitfinex and Ethfinex listing the four aforementioned stablecoins, is that the earlier mentioned Bitcoin manipulation using USDT was allegedly carried out on Bitfinex. But the additional 4 stablecoins adds much needed credibility to the exchange. It shows that Bitfinex is willing to become a platform that caters for the needs and concerns of traders.

What are your thoughts of Bitfinex and Ethfinex listing four additional stablecoins? Please let us know in the comment section below. 

Disclaimer: This article is not meant to give financial advice. Any additional opinion herein is purely the author’s and does not represent the opinion of Ethereum World News or any of its other writers. Please carry out your own research before investing in any of the numerous cryptocurrencies available. Thank you.

The post Bitfinex and Ethfinex to List 4 New Stablecoins: TUSD, USDC, PAX and GUSD appeared first on Ethereum World News.

Posted on

Crypto Exchange Hacks in Review: Proactive Steps and Expert Advice

Has the cryptocurrency exchange which you typically trade on already been hacked? If not yet, this is highly possible. Centralized exchanges, which Vitalik Buterin wished would “burn in hell,” can manipulate users’ funds and face regular attacks, while decentralized ones seem to have not yet found a balanced compromise between security and usability. At the same time, the experience of traditional banks in ensuring cybersecurity is still not in demand within the crypto industry, which leads to users’ millions of dollars theft or data breach, like in an incident happened to Atlas Quantum account owners on Aug. 25.

The top five attacks on crypto exchanges are well known to traders and studied by cybersecurity specialists around the world. The list is headed by Mt. Gox, which has recently started accepting refunding claims of the traders affected by the hack.

Mt. Gox

Country: US
Founders: Jed McCaleb, Mark Karpeles
Funds stolen: 1.35 million BTC

Mt. Gox was first hacked in 2011, and then in 2014. The hackers compromised the account belonging to an auditor of the exchange. In the first case, 500,000 BTC — equivalent to $8.75 million — were stolen from the accounts and from the depository as a result of the exchange’s database being hacked. In the second case, attackers managed to withdraw much more — 850,000 BTC.

Civil investigators, unfamiliar with the subtleties of the cryptocurrency industry, were able to confirm the movement of only 200,000 BTC, which hackers transferred to their wallet by altering a nominal value of one Bitcoin to one cent. What happened to the rest of the assets is still unknown. The exchange terminated its operation in February 2014, resulting in three powerful blows to the Bitcoin exchange rate. Thus, in 2011, the cryptocurrency price fell from $32 to several cents; in 2014, from $720 to $550; and in 2018, Mt. Gox arbitration manager Nobuaki Kobayashi sold a total of 35,841 BTC in the falling market, accelerating its further fall. Recent activities of Mt. Gox administration infuriated the deceived users, who demanded to “just give the people their money in BTC!”

Protection advice

Protection advice

Some cryptocurrency exchanges strengthen their defences by working with trustworthy security auditors who have proven hack-proofing expertise and white hat skills. They prefer to work with one contractor in relation to audits, DDoS mitigation, scans and site updates.

This minimizes the risk of audit-related vulnerability and access to stored funds falling into the wrong hands. For higher protection, additional banking tools are used — such as segregated master wallets, cold storage, layers of withdrawal authorization, IP address verification and email confirmation, two factor authentication (2FA) login and a crypto debit card, which can all be used to verify payments and user logins to the exchange.

iBitt COO Chris Schwarzenbach shared with Cointelegraph that the highest level of cybersecurity is only possible with a centralized exchange service, which has the development resources, security team, hidden servers and responsive control necessary to run military-grade security for a crypto exchange.

BitFloor

Country: US
Founder: Roman Shtylman
Funds stolen: 24,000 BTC

BitFloor suffered from the second largest hack in crypto history back in September 2012. It all started when the exchange’s server crashed, either under the influence of a DDoS-attack or because of a power outage in the data center — as was claimed by its owner Roman Shtylman.

Four days after, the hackers used a backup copy of the key from the hot wallet of the exchange, where the funds of traders were stored, and withdrew 24,000 BTC. Shtilman made an unsuccessful attempt to compensate the victims by selling a stake in BitFloor’s property, but could not find an interested party. In 2013, the exchange closed, leaving the affected investors with nothing.

Protection advice

According to security experts, Bitfloor made two errors at once that led to such a severe financial loss. The first was storing the data in an unencrypted way — which Shtylman honestly confessed to — and the second one, which only aggravated the situation, was leaving large sums of money in an online-accessible hot wallet.

The simplest action to be done by any exchange in order to prevent the theft of coins is to keep the majority of its funds in “cold storage,” which ensures that private keys never touch any computer accessible from the internet. ThomasV, the lead developer of the Electrum client, provided seven key recommendations for cryptocurrency exchanges:

  • Don’t store more Bitcoin outside cold storage than you can afford to lose and remain solvent
  • Deposits should be sent to cold storage addresses directly
  • Transfer from cold storage to hot storage should be manual only
  • An attacker shouldn’t be able to disguise a theft as a series of withdrawals from customers
  • If a withdrawal request exceeds the amount available in the hot wallet, the customer should have to wait. Receiving coins 24 hours later is better than never
  • Clone your database to a place where an attacker cannot irreversibly modify or delete it from the server
  • Send digitally signed account statements to customers regularly, using a key that is not on the public server

Poloniex

Country: US
Founder: Tristan D’Agosta
Funds stolen: 97 BTC

Poloniex takes the 3rd place in the long list of victims. In May 2017, hackers discovered a critical vulnerability in the exchange’s software — all the withdrawal requests being simultaneously sent, were automatically processed regardless of the account balance. The owner of Poloniex, Tristan D’Agosta, did not name the exact amount of the stolen goods, but announced that the total users’ funds were reduced at the time of hack equivalent by 12.3 percent or 97 BTC.

To cover the losses Poloniex had to cut all users’ balances by this amount. These funds were temporarily frozen and then returned to users from personal funds, with an increase in the exchange’s fees going up 1.5 percent. Users found this decision acceptable, and Poloniex saved its reputation and continued to work — periodically undergoing minor attacks. Now the exchange belongs to the American payment system Circle.

Protection advice

Tristan D’Agosta publicly revealed in his BitcoinTalk post what crucial mistakes had been made by the administration:

“The major problem here was that withdrawals should have been queued at every step of the way. This could not have happened if withdrawal requests were processed sequentially instead of simultaneously. Additionally, auditing and security features were not explicitly looking for negative balances. They add deposits and withdrawals and check that accounts are in balance. If you have 2 BTC, withdraw 10 BTC, and are left with -8 BTC, the software would see that you deposited 2, withdrew 10, and have exactly what you should: -8.”

Agosta has also advised on precautionary measures to be done in order to prevent such irreversible damage and shared new changes in the exchange’s security system:

“Withdrawals and order creation have been switched to a queued method, where the first step is to add the task to a global execution queue that is processed sequentially. Each step of critical database operations is verified before proceeding, and such operations are in the process of being converted to transactions. I have hired additional developers to help with tightening up security at Poloniex, as well as created a bug bounty.”

Bitstamp

Bitstamp

Country: Slovenia
Founders: Merlak brothers
Funds stolen: 19,000 BTC

In 2015, Bitstamp lost 19,000 BTC, which were stolen by hackers from the exchange’s hot wallet. At that time, the losses were equivalent to $5 million. Surprisingly, a banal phishing attack was used by hackers — the exchange employees received personal emails and messages in Skype from seemingly friendly sources.

What’s maybe even more surprising is that the person responsible for security, Bitstamp system administrator Luka Kodrich, clicked the link and downloaded malware onto the working computer, after which the exchange was hacked. Bitstamp hurried to notify traders about what was happening, however, the attackers had already stolen the funds. Compensation did not followed, but the security regime was toughened that helped the exchange recover quickly. For the purpose of developing multi-signature protection Bitstamp has partnered with BitGo.

Now, carrying out transactions on Bitstamp requires using multisignature, and 98 percent of the cryptocurrency is stored in a cold wallet.

Bitfinex

Bitfinex

Country: British Virgin Islands
Founder: Rafael Nicole
Funds stolen: 120,000 BTC

Bitfinex became the victim of hackers in August 2016. Unknown people used a bug in the multisignature system, which was supported by BitGo’s partner company. The hackers deceived the BitGo algorithms in an unknown way, forcing them to approve transactions and withdrew about 120,000 BTC from the hot wallet, worth the equivalent of $72 million at the exchange rate at that time.

The Bitfinex founders confronted the users about the fact that financial losses would be distributed among all the users, 36.067 percent of whose coins would be frozen. These funds were later compensated by BFX tokens, which could be converted into U.S. dollars at the exchange rate, or into shares of iFinex Inc., which belongs to Bitfinex founder. This chosen — and seemingly proper — policy helped the exchange stay in the top until today.

Protection advice

Emin Gün Sirer, a famous computer scientist, specialist in hacking researches, and professor at Cornell University, suggested a solution that does not break Bitcoin’s all-too-critical irreversibility when dealing with strangers, but allows someone to take back his funds in the event of a hack:

“The special thing about vaults is that they come with two keys. One key is used to unlock the vault and move your funds to a regular wallet. The other one, called a recovery key, is used when you notice that your funds were hacked and moved out of the vault by a hacker. You can then use your recovery key to undo the hack — you have 24 hours to notice and launch the recovery and get back all the funds. Notice that you cannot fool a merchant with this trick and revert a real transaction. All you can do is take back your own money from someone who is trying to steal it. If I may say so myself, it’s a pretty ingenious scheme. It’s almost like someone ought to work on it.”

Chronicle of 2018

Despite all the hopes of the crypto community, the year has not brought anything new to the established practice of securing the exchange sites, and 2018 is being marked by numerous attacks made with the help of new sophisticated hacking tricks. According to the Wall Street Journal, since the beginning of the year, hackers have managed to steal more than $800 million and are not going to stop there.

Coincheck

Country: Japan
Founders: Koichiro Wada, Yusuke Otsuka
Funds stolen: 523 million NEM

Coincheck was attacked by hackers in the last days of January 2018. The target, as in most cases, was the hot wallet of the exchange, from which 523 million NEM tokens were stolen. Despite all the previous examples, the exchange continued to keep users’ funds and even their own funds in the hot wallet and did not use the multisignature for protection.

Will the hackers cash out the stolen goods? Hardly. The crypto community united after this theft and finally began to actively exchange information in order to prevent further movements of stolen funds. In particular, the ShapeShift instant exchange service has banned the exchange of NEM coins. This example was followed by other services, since 11 anonymous addresses, which the stolen tokens had been transferred to, have been tagged with a sign “coincheck_stolen_funds_do_not_accept_trades: owner_of_this_account_is_hacker,” so it isn’t difficult to track any transaction made by hackers. The investigation of the incident and the development of compensation options for users are continuing.

Protection advice

Coincheck’s example emphasized the importance of properly organized storage of users’ funds on the exchange. Security layers and warning triggers are a must for any exchange service, says Nick Moore, CEO at Investa, a U.K. crypto exchange which also operates debit cards and ATMs:

“We hold minimal coins in our hot wallets and operate a time delay on withdrawals with manual review process, so the ability to hack account and amount of coins held on exchange is low. The risk of loss is minimized through the manual procedures of moving coins to cold storage when we identify that any excess funds have accumulated and are not needed for immediate liquidity. Storing the funds on cold wallets ensure they cannot be hacked and keeping a minimal float in hot wallets helps to save the liquidity.

“I’m sure users don’t mind waiting a little longer for their withdrawals, when they realize that this is one of the best ways to fight the hackers.”

BitGrail

Country: Italy
Founder: Francesco Firano
Funds stolen: $170 million

On Feb. 13, BitGrail lost $170 million in Nano (XRB) as a result of hacking attacks. At the same time, the founders of the exchange started a public discussion with developers of Nano’s blockchain in order to define which side was responsible for the bug that led to the hack.

The developers of the cryptocurrency accused BitGrail of giving insufficient attention to ensuring security — in particular, in the absence of the authentication procedure for users. Later the exchange stopped working and turned over the investigation to the police.

The authorities of Florence confiscated all the cryptocurrency from the BitGrail deposit to secure the claim of the affected users, and the Nano Foundation promised to take part in the protection of their interests and compensation for losses.

Coinrail

Country: South Korea
Founder: Lee Nuss
Funds stolen: $40 million

Coinrail fell victim to a hacking attack on June 10, 2018 and lost a total of $40 million in 11 cryptocurrencies. Immediately after the attack, the representatives of the exchange were not ready to provide any intelligible information, so the details of the theft were revealed by the participants in the Pundi X project, whose tokens were also among the kidnapped.

A month later, on July 15, the exchange resumed trading and offered the victims two compensation schemes: a gradual refund through the purchase of stolen cryptocurrency and compensation with Coinrail RAIL tokens, which can then be converted into a cryptocurrency at the inner rate.

Protection advice

Rik Ferguson, an analyst at cybersecurity firm Trend Micro, believes the problem is in the weakness of the development team, insufficient cybersecurity education of the staff and poor investment in fraud analytics:

“By and large these exchanges are small businesses and they are most often in permanent startup mode, facilitating transactions. These organizations have small security teams, if they have one at all, little to no experience in securing a financial institution and generally a very large, attractive pile of money.”

Bithumb

Bithumb

Country: South Korea
Founder: Kim De Shi
Funds stolen: $30 million

Bithumb was hacked on June 19, just a few days after it updated its security systems. $30 million, which was 10 percent of the total trading volume, was stolen by the attackers. This is the second incident in the chronicle of Bithumb. The first occurred on June 29, 2017, when the personal data of 30,000 users — equivalent to three percent of all the users by that time — was compromised. Hackers tried to access users’ one-time passwords, but the exchange froze trades and made changes to the security system.

At the same time, Bithumb spends eight percent of profits on security, strictly follows the rule “5.5.7” when five percent of employees are IT specialists having the confirmed expertise, five percent possess the skills to ensure cybersecurity, and at least seven percent of the company’s profits are spent on its funds protection.

At the time of the hack, the exchange discovered a potential threat and was already withdrawing users’ funds to a cold wallet. Affected traders were promised to be compensated from the personal funds of Bithumb administration.

Protection advice

Charlie Lee in a tweet expressed hopes for the restoration of the exchange and gave users concise advice, warning against such situations:

“As I’ve said many times, be smart and only keep on exchange coins that you are actively trading. It’s best to withdraw right after trading.”

Bancor

Country: Switzerland
Founder: Guy Benarzi
Funds stolen: $23 million

Bancor, a decentralized exchange created in opposition to centralized ones, to which Vitalik Buterin has recently addressed his angry “burn in hell” statement, was attacked by hackers on July 9, 2018. It is noteworthy that this happened a day after the exchange expressed in the official Twitter post the full agreement with Vitalik Buterin about centralized decisions and stated that decentralized exchanges are the future.

From the exchange’s hot wallet, hackers withdrew a total of $23.5 million. Almost half of the stolen funds was made up of their own BNT tokens ($10 million), Ethereum ($12.5 million) and Pundi X ($1 million). Its tokens were immediately frozen, which caused a flurry of criticism from the cryptocurrency community, because such actions directly contradict the principle of decentralization. Charlie Lee summed up the overall view in his Twitter, announcing that Bancor can manipulate users’ funds.

As for users’ tokens, Bancor immediately created a coalition with the instant exchange service Changelly, through which the hackers tried to withdraw funds. Transactions were frozen there as well.

How do banks deal with this?

Classic banks and banking services have been subject to various attacks since their emergence — that is, for several centuries. And over this time, they have been learning to resist such threats. The only difference is that 50 years ago, banks were attacked by criminals such as Bonnie and Clyde, and now they are attacked by hackers and internet scammers.

Classic banks follow the “5.5.7” formula and have international information security standards — for example, CobiT, which is considered entry level and is then supplemented by numerous internal regulations and scenarios for responding to intervention attempts.

Director of special projects at Group-IB Ruslan Yusufov is sure that the response to incidents must include both systems and an early warning and response plan that will allow all employees to act in accordance with regulations in the event of an incident. Everything is like that in the banking sector. A similar scheme was used by the Bancor exchange, which instantly froze its own tokens, calculated the services through which the withdrawal was planned, and entered into a coalition with them to freeze the stolen assets.

Criticism on the part of the crypto community in this case is less important than efforts to preserve the investors’ funds.

According to statistics, hackers, when attacking crypto exchanges, use tools that have been repeatedly tested on fiat banks. A study of 400 successful hacking attacks on the blockchain systems showed that popular banking services like TrickBot trojan, Vawtrak, Qadars, Triba, and Marcher were slightly modified for crypto exchanges and brought success to hackers in this way as well.

Nevertheless, the security systems of classical banks successfully resist hackers, and the established practice of tracking transactions allows customers to return the stolen funds. Why not borrow this experience? Unfortunately, in ICO teams — including those who create cryptocurrency exchanges — there is not a single IT specialist with the experience in the field of information security of banks.

Is it possible to return the money?

As practice shows, after powerful hacking attacks, crypto exchanges most often use three ways to compensate the affected users:

1. Rollback to a previous state or freeze transactions (Bitstamp, Ethereum and Bancor did this, but this contradicts the principle of blockchain’s irreversibility).

2. Compensation at the expense of other users (this way was chosen by Poloniex).

3. Return the funds of the exchange from its own profit or by issuing exchange tokens (Bitfinex and Coinrail).

Thus, stable, large exchanges that are interested in continuing its operation will offer newer and newer ways of compensating for lost funds. And this is good news for the cryptocurrency industry. Obviously, the practice when the exchange owners tried to hide information from the community about the details of the theft and disappear themselves is being slowly abandoned.

Will cryptocurrency exchanges cope with the problem of hacking attacks sometime soon? Absolutely not. There are two main approaches to hacking exchanges. The first is to gain access to accounts and closed-functionality through the hacking of the founders’ accounts and then to use malicious programs from the arsenal of bank attacks. The second is an attack on the infrastructure of the exchange itself, through the hacking of a web application linking the client to his money on the exchange servers or an attack on so-called hot wallets.

Consequently, the protection of digital assets can be achieved by the joint efforts of users and crypto banks serving the turnover of cryptocurrencies. Bancor’s head of public relations, Nate Hindman, made a statement after the hack:

“These mechanisms include a real-time blacklist that tracks offending addresses and stolen assets, as well as an emergency fund that compensates projects when thefts occur. There is plenty more to do here and we look forward to working with our peers across the industry to make everyone [is] stronger and smarter as we move forward together. Collaboration is not just a concept, it’s a practice — and we are grateful for the support and assistance.”

At the same time, Hindman believes that it is impossible to completely eliminate the possibility of hacking attacks, since attackers develop their own strategies along with the crypto industry, but these attacks can be resisted if market participants unite for joint actions and exchange of information.

As for ordinary users, the tips for preserving digital assets from hackers’ are well known:

  • Do not keep funds in hot wallets.
  • Choose well-known exchanges that disclose security policies.
  • Use the functionality provided by the exchange to the maximum, including 2FA.
  • Distribute funds between several wallets and exchanges.

Probably cryptocurrency exchanges are so often hacked because it is easy to do — and punishment for this is not regulated yet. More exchanges are attacked, more people are left without money, and someone gets away with it. But this year, things may change, since all this has started to seriously concern regulators in state and even world scale.

Along with the G20, an entire consortia of summits are being held, devoted to the issue of regulating the activity of crypto exchanges. For example, one of the Futurama Blockchain Innovators Summit concept authors Joshua Hong reported to Cointelegraph:

“There are many unreported hacking incidents of major exchanges. So, from the perspective of regular user, we do not know how severe the level of hacking [is] for most exchanges. For example, Bithumb was recently hacked, but its trading volume or commission revenue didn’t seem to get affected at all. On the other hand, other exchanges had to shut down their operation after a single blow of hacking.“

The exchanges leaders positively react to such initiative. One of them, investment strategist at Bithumb Alex Lee expressed his personal interest to take part in such discussions:

“[The] best answers to the problems in our industry can be found through proactive sharing of each other’s stories in highly personable ways. So, no matter what the issues are, be it crypto exchanges getting hacked or regulators feeling the pressure from disgruntled token investors who lost money, the solution can be found through community interactions and honest, open conversations.”

Posted on

More Excitement in Q3 of 2018 as Bitfinex Is Working on A Decentralized Exchange Built on EOS

Just yesterday, Ethereum World News wrote about how the Tron (TRX) Community was excited on the possibility of TRXMarket launching a Decentralized Exchange for future tokens created on the Tron Network. The same TRXMarket is also running for election as a Super Representative further proving that it will be independent of Justin Sun and the Tron Foundation. This is as it should be; when we remember that the Tron project wants to decentralize the web.

When the article containing the above information was posted on Reddit, one Redditor was quick to point out that EOS and Bitfinex were collaborating to build a decentralized exchange. The exact words of Redditor NickT300 were as follows:

EOS is going to have 2-3 Pure Decentralized Exchange Platforms coming out this year. Bitfinex is coming out with one called EOSFinex. No more middle man, no more needing to upload your ID, photographic documentation. NOTHING.

EOSFINEX

In an announcement back in February, Bitfinex announced that it was working on building a high performance Decentralized Exchange on the EOS.IO platform. EOSfinex is meant to combine the scalability and speed of EOS with Bitfinex’s industry experience to deliver an “on chain” exchange designed to offer a fast, transparent and trustless platform for the trading of digital assets.

Bitfinex CEO, J.L Van Der Valde would go on to state that:

Block.one continues to display an unwavering dedication to improving blockchain scalability through the EOS.IO platform and it is our hope that this collaboration will allow significant advancement for all decentralised exchange

About eosfinex.com

Further investigating the information, we find that the EOSfinex exchange is currently under development but you can submit your email to get updated on the progress. A screenshot of the website can be found below.

EOS Website. Source, eosfinex.com

Centralized Exchanges need to Evolve or Perish

The continual news of Decentralized Exchanges being developed is a considerable threat to Centralized exchanges. More so since they have proven to be vulnerable to hacks as was the case with CoinCheck and Bithumb just to name a few. There is also the concept of anonymity that Centralized exchanges lack. Once decentralized exchanges are fully functional, we might see a mass exodus of traders from traditional exchanges, to these new platforms.

Disclaimer: This article is not meant to give financial advice. Any opinion herein should be taken as is. Please carry out your own research before investing in any of the numerous cryptocurrencies available.

loading…

Get real time updates directly on you device, subscribe now.