A cryptocurrency exchange called Beaxy halted trading across the board on August 12 after a large-volume sell-off of XRPs (ripple tokens) armored the price of the tokens on the exchange:
The exchange corresponded to the suspension in a blog post with the following words:
“We recently noticed an unusually high level of activity in XRP-BTC. As a result, as a precautionary measure, we are temporarily suspending all trading activities and withdrawals on the exchange while we investigate. “
At the time of writing, XRP trades are still on the exchange.
On the evening of August 12th, Beaxy reported on Twitter that the crash was due to an “XRP installment exploit”:
Fast update. The exchange was targeted today with a $ XRP installment exploit. Beaxy was also targeted. We identified and applied a fix. To move forward, we reset relevant trades on the exchange to the point in time when they were identified.
– Beaxy (@BeaxyExchange) August 13, 2019
The exchange also promises the return of misappropriated funds, saying that trading “will remain frozen as we work to return to the previous state”.
Some commenters on the Twitter thread accuse the exchange of failing to fix an exploit that was identified some time ago.
Others question Beaxy’s claims that other exchanges were also affected:
“Exchange”, also known as you for incorrectly implementing partial payments. This is not an exploit, it is an incompetence.
– D5V1N2 (@ D5V1N2) August 13, 2019
According to The Block, a Beaxy team member was exposed to a SIM swap hack right before Beaxy’s launch about two months ago.
In a SIM swap attack, hackers typically “phish” personal information (via misleading email) from a target and use that information to convince a telecommunications company to transfer control of the victim’s phone to hackers.
Once this happens, hackers can often exploit a plethora of other information and / or gain access to many sensitive accounts.
Regarding the SIM swap hack, Beaxy’s CEO, Arty Hamazaspyan told The Block:
“The incident we witnessed was a SIM attack on a team member with fake ID and social engineering. Our individual security practices have improved across the company.”
According to the outlet, new crypto trading platforms are entering a market that is already populated by 258 established companies.
Emerging exchanges also have to deal with a dangerous amount of hacking activity carried out by both private and government sponsored attackers.
Security firms say government-sponsored hackers have targeted crypto exchanges for years after partially deterring their efforts to attack banks in developing countries.
An anonymous source recently told Crowdfund Insider that its bank is blocking 300 cyberattacks a day.