Why Does Your Crypto Project Need a Controlled Hack?

2018-9-29 08:41

Running your crypto project or ICO? Be prepared in advance that your startup may not only attract investors but also hunters for their money and data. According to the Ernst and Young report, which analyzed more than 370 tokens sales, every tenth dollar earned or invested in ICOs becomes prey to hackers. The authors also point to even more significant losses of crypto exchanges, which are deprived of two million dollars every month due to hacker attacks.

In addition, you can become a victim of DDoS-attack, extortion, phishing attack or malicious program due to vulnerabilities that you did not even suspect, neglecting the security audit. Meanwhile, your colleagues and competitors are already set for spend the budget on an independent security assessment.

The weak protection of projects – especially ones originating from the CIS and Asia – provoked a downturn in the market, says Dmitry Budorin, CEO of Hacken and HackIT 4.0, the annual forum on cybersecurity held in Ukraine.

Millions stolen

Apart from the sensational collapse of The DAO in 2016, when a promising project lost $ 60 mln, there’s a mass of less memorable attacks, in which millions were also stolen.

In 2017, a New York-based blockchain startup Veritaseum (p2p-platform, focused on financial markets) lost more than $8 million, which were injected by investors during the ICO. An unknown attacker (or group) stole tokens and immediately managed to sell them. Fortunately for investors, the tokens belonged to the project, so none of the users suffered financial losses.

In the same year, KICKICO platform underwent DDoS attacks twice while conducting its pre-sale. The website received a lot of requests which it couldn’t cope with and was forced to suspend service to all users. Later, the KICKICO team received a letter from the scammers with a proposal to provide security against similar DDoS-attacks. However, the developers connected a service that protected the site.

Later, in July 2018, hackers gained direct access to KickCoin smart contracts and took possession of 40 accounts, destroying them and creating 40 identical accounts. The platform’s team didn’t know about the breach until several victims turned to complaints. Users discovered the loss of tokens totaling $ 800,000 in their wallets.

“To prevent such situations, which puts the reputation of your project at stake, it’s worth to spend on assessing security and implementing compensation measures than to lose reputation or even business in the future”, Dmitry says.

An independent audit by specialists is much preferable to self-testing, at least when it comes to the application and infrastructure pen test, the social and technical testing of the development team. But ideally, those going to launch their product have to use the bug bounty and vulnerability reward platform.

Typically, the security assessment consists of:

collecting information: obtaining data from the client or other open resources, use of the threat model – a plan for entering the system, performing the manual and automatic analysis to identify vulnerabilities, exploiting vulnerabilities to understand how the attackers can use them and whether they are able to damage the system and the company as a whole.

Consequently, a report should appear, where all actions at each stage are documented, as well as recommendations for eliminating the vulnerabilities.

In accordance with safety assessment standards, the auditor must validate the source code of the contract, confirm that it operates in accordance with the specified public specification and confirm that there are no errors and “backdoor” for the developer.

“Today, after experiencing the consequences of the Wild West in crypto, many projects understand the need for an audit. A project dealing with their security in the long term can already be considered half-valid”, Dmitry adds.

In order to better understand the weaknesses of your project, arrange its “white” hack. The closest opportunity to look at how controlled hacking of crypto projects takes place is HackIT cybersecurity forum which will be held from October 8 to 11 in Kiev. In addition to the two-day conference and exhibition area, the program includes CTF (Capture the Flag) competition and the guided tour to the Chernobyl nuclear power plant to illustrate the consequences of man-made disasters.

 

The post Why Does Your Crypto Project Need a Controlled Hack? appeared first on NewsBTC.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

Hive Project (HVN) на Currencies.ru

$ 0.0045874 (-2.13%)
Объем 24H $10.918k
Изменеия 24h: -5.90 %, 7d: -1.60 %
Cегодня L: $0.0045874 - H: $0.0045874
Капитализация $1.882m Rank 999999
Цена в час новости $ 0.027114 (-83.08%)

your crypto project does controlled hack need

your crypto → Результатов: 126


Фото:

Four Steps for Total Crypto Security

When it comes to keeping your crypto safe from outside theft or harm, plenty can be done. You wouldn’t leave your wallet out in public unattended. You wouldn’t leave your car in a lot with the keys in the ignition – so why trust that your digital currency is any safer? Secure your PC, yourself […] Four Steps for Total Crypto Security was originally found on [blokt] - Blockchain, Bitcoin & Cryptocurrency News.

2018-9-25 17:39


Action Fraud Warning: High Incidence Of Prowling Wannacry Ransomware, Phishing, Targeting Crypto users

Action Fraud, UK’s cyber crime watchdog has warned cryptocurrency users to be watchful of phishing emails which use Ransomware WannaCry. Issuing the red alert, the regulator said, “The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry Ransomware,” and users have to be careful not […] The post Action Fraud Warning: High Incidence Of Prowling Wannacry Ransomware, Phishing, Targeting Crypto users appeared first on ZyCrypto.

2018-6-26 19:58


Фото:

How To Find The Perfect Cryptocurrency

With so many available cryptocurrencies, its often hard to put your focus on just one cryptocurrency. Of course, many investors will invest in multiple currencies and as a matter of fact, this is sometimes unavoidable (some currencies can only be bought with other cryptocurrencies for example) but even so, the markets are a minefield at the moment, making it really difficult for investors to decide how to proceed.

2018-6-25 16:00


Фото:

Liechtenstein’s “The Blockchain Act”, Crypto Currency, Initial Coin Offering, and words from the Prime Minister

The blockchain law — so called Blockchain Act — was announced by Adrian Hasler at this year’s Finance Forum on March 21. Cointelegraph spoke with the prime minister about blockchain regulation, the politics regarding this technology and cryptocurrencies, ICOs and the business climate in Liechtenstein.

2018-6-24 16:08


Фото:

You Can Now Exchange Your Leftover Euros for Crypto at Schiphol Airport

One of the most inconvenient things about international travel is getting stuck with foreign money that can’t be accepted in your home country. Luckily for passengers and visitors to Schiphol Airport, they now have the chance to experience the benefits of a truly global currency first hand and get rid of their fiat at the […] The post You Can Now Exchange Your Leftover Euros for Crypto at Schiphol Airport appeared first on Bitcoin News.

2018-6-20 16:30