Bilaxy, a Seychelles-registered trading site, recently claimed that its hot wallet had been compromised.
⚠️⚠️Top Urgent-Bilaxy Hacked Notice
Pls note Bilaxy Hot wallet was hacked, ❌pls DON’t send any funds to your bilaxy accounts again. We are racing with the time to checking and fixing. Pls wait for further Notice.@ICODrops @ICO_Analytics @CoinMarketCap @
— Bilaxy (@Bilaxy_exchange) August 29, 2021
The extent of the loss is unclear, but some estimates put it at over $400 million. HOGE, a DeFi token, confirmed on Twitter that the network lost over 1 billion HOGE, worth $22 million, in the attack. The losses from this theft could overtake those from the previous exchange attack, on Japan-based Liquid Global, which lost cryptocurrencies to the tune of $80 million last week.
After the confirmation, Etherscan urged caution regarding the addresses reported to be involved in the Bilaxy scam.
What attracts hackers?
Because of their high liquidity, centralised cryptocurrency exchanges remain a target for hackers. While insurance is used by some of the larger exchanges, such as Gemini and Binance, it does not eliminate the risk of attacks. It can only guarantee a reimbursement to investors without a significant haircut. So, what’s the answer?
Dr. Amber Ghaddar, the founder of crypto platform AllianceBlock, recently told BBC,
“We need auditing and testing. We need to have various standards that need to be monitored in order to protect market integrity if we really want cryptocurrency to reach mass adoption.”
Centralised cryptocurrency exchanges usually declare a hack only after money is lost. In addition, the lack of a global reporting system leads to inadequate security measures. While exchanges use two-factor authentication (2FA) to authorise transactions, it is insufficient. Hackers use flaws in various layers of the protocol to carry out an attack, with hot wallets being the most vulnerable.
Therefore, a security audit of the exchange’s smart contracts is a requirement. As per recent reports, the U.S. Securities and Exchange Commission signed a deal worth $125,000 with AnChain.AI, a blockchain analytics firm, to monitor the DeFi industry. The firm will provide preventive solutions to the agencies to avoid an attack.
In case of an attack, the authorities will also be able to track the transfer of funds, just as they do when enforcing money laundering regulations. According to Chainalysis, ransomware money laundering is concentrated and often ends up in exchanges after passing through a mixer to hide its origins. As a result, authorities can effectively follow these transfers, which are carried out by a few operators, in order to prevent hackers from converting the stolen funds into currency.
To maintain investor safety, regulatory authorities will have to play catch-up with technology. Until then, centralised exchanges can provide some systematic security features such as bug bounties, third-party custodian agreements, and failsafe cold storage.