Все публикации

Is it safe to keep cryptocurrency in an exchange?

How to keep cryptocurrency in an exchange. A review by a Bitcoin mixer: mixer.money
Is it safe to keep cryptocurrency in an exchange?

  1. Inadequate security
  2. Owner scam and fraud
  3. Following AML laws
  4. Signs of a secure exchange
  5. The safest crypto exchanges
  6. Conclusion

A cryptocurrency exchange is a handy tool where you can keep cryptocurrency, trade your assets and withdraw without much trouble. A big plus of the exchange is that the cryptocurrency that has passed through it is “cleared,” that is, it carries low risks associated with the history of use.
But is it safe to keep cryptocurrency in an exchange? There is one strong argument against it.

But is it safe to keep cryptocurrency in an exchange? There is one strong argument against it.

Inadequate security

Since 2011, more than $1.65 billion worth of cryptocurrencies have been illegally withdrawn from exchanges, just stolen. According to Hackernoon, this amounts to an inflation-adjusted loss of $12.6 billion.

img

Here are examples of the most notorious hacks:

table

Sometimes the problem is not only a lack of protection, but also the very principle of cryptocurrency storage. For example, QuadrigaCX exchange owner Gerald Cotten passed away on December 9, 2018, at the age of 30, taking all his private keys with him to his grave. The size of the assets in the cold accounts is estimated to be between $137 million and $190 million dollars. When you consider that Cotten had been creating pyramid schemes since he was 15 years old, the suspicion that his death was staged has some merit. The company eventually went bankrupt.

Owner scam and fraud

Exchanges and investment funds have shut down because of their own owners. For example, the founders of a South African investment firm founded in 2019, brothers Raess and Ameer Cajee, are suspected of stealing clients’ money. Police were prompted to this idea by the brothers’ suggestion that they would not follow a legal route to recover the money they had invested when the company closed. Some clients did contact the Hanekom Attorneys law firm. They filed a complaint with the police, claiming a loss of $3.6 billion in bitcoins and suggesting that the alleged hack was an exit scam, or, put simply, a runaway with customers’ money. The owners’ lawyer denied their guilt, but the Cajee brothers soon disappeared.

Following AML laws

Centralized cryptocurrency exchanges depend on the government, so they comply with numerous, sometimes contradictory, decrees related to cryptocurrency regulation. Mandatory Know-Your-Customer (KYC) procedures and user behavior analysis enable security departments to monitor illegal activities. However, in most cases, exchanges simply prefer to play it safe and block clients’ accounts, forcing the clients themselves to prove that they are not involved in illegal activities.

If the bitcoin entered into an exchange for storage has a “dirty” trace, even an innocent owner will be blocked. A similar situation will occur if a sanctioned address is found in the transaction chain. Even just holding cryptocurrency without doing anything can raise questions.

Signs of a secure exchange

To avoid blocking due to the suspicious history of the cryptocurrency you got, it is enough to use bitcoin mixer. The service will receive “dirty” coins, and will return other coins, that would hence be of low-risk.

You can estimate the level of protection from hacker attacks by yourself.

  1. HTTPS protocol. Now few people do not protect their site with SSL-certificate, but if the address of the exchange begins in HTTP, this is clearly a scam. The owners do not care about even the minimum level of protection, which suggests that their goal is to quickly collect money and close.
  2. Complicated password. If you were able to register with password “qwerty”, it means that exchange security is very poor, indeed – this password can even be hacked by a schoolboy. An appropriate password must contain uppercase, lowercase letters, numbers and special characters, and its length starts from 8 characters. Finding such a string is very difficult and time-consuming.
  3. Two-factor authentication (2FA). It can take place via SMS, email, phone. Remember that SMS is the least secure authentication, because it is not that hard to fake a phone number.
  4. Cold storage of assets. This approach provides keeping assets offline; it is therefore very difficult to hack such storage.
  5. Whitelists. Many clients of exchanges protect their assets by specifying the addresses, which are allowed to withdraw cryptocurrency. It means that unauthorized withdrawal would simply not occur – it will be blocked automatically.
  6. Other protection measures include multi-signatures, suspicious behavior alerts, email encryption, phishing protection and others.
  7. Asset insurance. Since the cryptocurrency market is poorly regulated by the government, exchanges insure their funds against theft on their own. Keep in mind that most of these insurance policies do not protect individual accounts and only apply to the exchange as a whole. Well-known platforms that insure their funds are Coinbase and Coinbase Pro, Circle, Gemini and Xapo.

The safest crypto exchanges

According to ICORating’s security report on exchanges, the safest cryptocurrency exchanges are:

  • Kraken (security grade A)
  • Cobinhood (A)
  • Poloniex (A-)
  • BitMEX (A-)
  • Bitfinex (A-)
  • Bitlish (A-)
  • BitMart (A-)
  • BtcTurk (A-)
  • Coinbase Pro (A-)
  • GOPAX (A-)
  • HitBTC (A-)
  • KuCoin (A-)

Conclusion

Despite all the security measures exchanges use, you still should not trust them unconditionally. As the history of exchange thefts shows, no platform is hack-proof. Therefore, it is better to have a private digital wallet. As renowned cryptanalyst and security entrepreneur Andreas Antonopoulos says: “Your keys, your Bitcoin. Not your keys, not your Bitcoin.”


logo bitcoin mixer mixer.money

Our Bitcoin mixer publishes a weekly roundup
of interesting news from the world of cryptocurrencies.
Visit our blog: