The gate.io exchange, a U.S.-based cryptoasset exchange, has taken precautionary measures against a possible security incursion, after it was tipped off that one of its service providers may have been penetrated by malicious software.
For security concern, we will remove the Statcounter’s service on https://t.co/tEtOTJxaQA. https://t.co/8kWqgDWNXb has always put security the first. To maximum your assets security, we suggest that you have 2FA and two-step login protected.— gate.io Exchange (@gate_io) November 7, 2018
Gate.io had been using statcounter.com’s statistics and traffic analytics services, which it claims is “one of the top stats tools providers in the world.” It was tipped off by another service, Slovakia-based ESET Internet Security services, who warned of “suspicious behavior” coming from statcounter.com.
The exchange did a broad sweep for possible security breaches on their site, finding nothing untoward; however, out of an excess of caution, discontinued the statcounter function anyway. The exchange says it will not continue using the service going forward.
Funds are safu
Eleven percent of top cryptoasset exchanges currently in operation have been hacked at some time in the past, according to CryptoCompare’s October exchange review. Gate.io was one of the exchanges which declined to participate in New York Office of the Attorney General’s report on the state of cryptoasset exchanges, released in September of this year.
A growing problem
Due to the irrevocable nature of cryptocurrency, exchanges present some of the most enticing hacking targets possible - once the funds are stolen, they cannot be returned, hardforks aside. A recent report showed that the frequency of cryptocurrency theft is rising, up 250% in 2018 versus the previous year, to almost $1 billion worth of funds stolen.
Certainly one of the most grave security events recently was a hack of a Binance trading application programming interface (API), which allows exchange trading through secondary applications rather than through the exchange’s own interface.
Binance being the biggest cryptoasset exchange in the world, the hack sent shockwaves through the cryptoasset industry; but fortunately the penetration was not of Binance itself, and was quickly contained. The hack allowed extreme price manipulation of some cryptoassets by taking control of trading bots and artificially inflating prices, including of Syscoin (SYS), which momentarily reached a comical value of 96 BTC, up from 0.000039 BTC.