My Moon Coin .com

"to the moon!"

Date: 2018-12-10

Crypto Exchanges - Have They All Been Hacked?

The simple answer is no, they have not "all" been hacked.

A number of exchanges have experienced hacking, most notably the likes of MtGox in 2014 - where the exchange simply shut up shop due to running out of funds...

MTGox is particularly interesting because of the way in which it held the currencies that it required to operate. No one really had any idea about the way in which the system worked, and it appeared that someone (or several people) seemed to have taken it upon themselves to either steal some of the money, or siphon it off to other places.

The point is that MtGox was hacked, it lost a large amount of its Bitcoin holdings, and this caused the "exchange" to shut down - locking traders out of their funds. Despite being 4 years ago, the MtGox funds are still being distributed to this day.

Other exchanges have not been immune to the hacks - with Cryptopia looking like the latest in a string of security breaches threatening investor funds. To this end, if you're involved with the market - and potentially have any of your holdings locked in any of the exchanges - you will need to look at this tutorial quite closely.

The long - and - short of it is that if you actually "store" your "crypto" holdings in any of the exchanges directly, you will be at risk of a "hacking". All a hack does is essentially re-assign your "crypto" holdings to an anonymous wallet, essentially meaning that the hacker receives a substantive amount of *your* money without having to do anything for it.

If you are in this position (have funds in exchanges), you'll be best to remove them immediately. This will give you an overview of how to do it...

It's All Bits / Bytes...

Ultimately, "crypto" is just software, and the various "coins" are simply files/tokens required to decrypt the various transactions it may have.

This is consequential; but what it really means is that if you're looking at having "crypto" holdings stored in an exchange, you're basically just keeping a number of your encrypted files on the server of the different exchanges that you're dealing with.

This means that if you're looking at "protecting" these files, you have to ensure that they are not accessible to either the company managing them, or anyone who may hack the service. This means - basically - that you should take the coins/files/tokens and put them into your own hardware and software wallets.

As a rule, you should only be keeping the files/tokens that you want to use immediately in a "hot" (software) wallet. This allows you to gain immediate access to them regardless of whether they're being used for particular activities or not. Obviously, being connected to the Internet means that a "hot" wallet is certainly in line for being hacked.

What Constitutes A "Hack"?

In terms of the various crypto "exchanges" - a "hack" comes in two forms.

1. Firstly, a "hacker" can gain illegal access to the exchange's servers, and essentially direct "crypto" assets into a wallet they own. This is the most common form of hacking, as it opens the entire exchange to the hacker, and is where we see the majority of losses.

2. Secondly, a user can send tokens to a fake account / system which essentially steals them without any sort of identification being shown to the user (hence preventing the coins' return). This doesn't often involve the exchange itself, but is done automatically through a different process. It only works because the victim/user has currency accessible in their "crypto" wallet.

In both of these instances, the "hack" is basically where a user will take what is the property of someone else, for their own gain. As mentioned, this can happen under many different circumstances, but will always result in the "coins" being stolen and put into the hands of others.

In terms of whether exchanges are able to handle this - the point is that "hacks" occur all the time, in all forms of technology. The best way to prevent it being a problem is not so much to block the hack itself (although that's important), but to make the user's data unusable if they are able to find it.

This has been achieved in a number of ways, mostly through the use of 2-levels of encryption (often referred-to as a "salt" in the technology world). This means that if the hacker is unable to obtain a secret passcode with their illicit data, they will not be able to use it.

In any case, the vigilance that should be shown by "crypto" users needs to remain high. The "crypto" space is the modern Wild West, and should be treated with massive respect.