In the last six months, seven crypto exchanges have lost significant amounts of cash to large scale hacking attacks. The most recent is the security breach at Bitpoint. The all-time high amount stolen from crypto exchanges has now surpassed the $1.35 billion mark. Crypto exchanges use a combination of cold and hot wallets to store digital currencies. The crypto exchange’s hot wallet is the least secure of the wallet class. Therefore, and as expected, it is a focal point of most hacks.
Most crypto enthusiasts believe that leaving their assets on the exchange ensures that they can liquidate them faster, perchance there is a crash. On the contrary, digital currencies left on an exchange’s hot wallet are at considerable risk. These assets have generally been entrusted to a third party. Since they have these asset’s private keys, they can quickly lose your life savings if targeted by criminals.
Exchanges tend to store a lot of value on these hot wallets, becoming a favorite target for hackers. Sometimes these hacks are done on such a massive scale that the whole market goes into a slump. The 2016 Bitfinex hack, for instance, where BTC worth $72 million was lost, caused a 20 percent plunge in Bitcoin prices in a day.
Use A Cold Wallet Instead
Cold storage is the best way to deter exchange hackers. A cold wallet is usually offline and is best for HODLers. This storage is not without its risks, but with precautions, it is a much safer alternative to the hot wallet. Coinbase, for instance, holds at least 98 percent of their digital assets in paper and hardware wallets.
These forms of storage facilities are primarily in the form of Nano Ledgers. While they are prone to compromise by their makers, they are also entirely offline, and with some security, measures, they can be kept away from hackers.
The four most massive crypto exchange hacks of 2019 have led to the loss of more than $69 million. The Bitpoint hack of June 27 caused the Japanese exchange 1 billion yen in damages to the exchange.
The hackers also stole 2.5-billion-yen worth of customer funds. Bitrue, the Singaporean exchange, was hacked and lost at least $4.2 million of its user’s assets. The Bitrue hack took place on May 7. Binance has also had a run-in with hackers, losing 7,000 BTC worth $40 million on April 1.
Is There Insurance?
Binance had announced the hack saying:
“We have discovered a large-scale security breach today, May 7, 2019, at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses, and other attacks. We are still concluding all possible methods used”.
The exchange, however, was well prepared for such an event. They have a SAFU account to protect its users. Binance had said of the account that, they:
“Will create a Secure Asset Fund for Users (SAFU). Starting from 2018/07/14, we will allocate 10% of all trading fees received into SAFU to offer protection to our users and their funds in extreme cases. This fund will be stored in a separate cold wallet.”
Philip Martin, Coinbase’s vice president of security has also confirmed in the recent past that the exchange has insurance coverage for its hot wallet holdings. In a blog post, Martin says that Coinbase has its hot wallet assets covered for up to $255 million. The exchange nevertheless does not recompense losses arising from the compromise of an individual’s Coinbase account.
However, not all exchanges are as prepared for hacks as Binance, so users have to take precautionary measures. Chief amongst these measures is to not leave their life savings in an exchange’s hot wallet.