The world of cryptocurrency is constantly developing, but along with it, the incidents of cyber attacks are also increasing rapidly. Recently two big incidents Coinbase Hack and Wazirx hack Has shocked Global and Indian Crypto Community. There was a loss of crores of rupees in both these cases, but the special thing is that there was a serious equality in these hacks, both of them had a big role of internal security processes failure and third-party access.
Failure of internal security: both exchanged careless
Wazirx Hack took place on 23 May 2024 where unknown hackers stole a $ 234 million cryptocurrency directly to the internal security of Wazirx’s “Multi-Signar Wallet”. The most surprising thing was that the original infrastructure of the exchange was not breeted, but through an off-chain system, the hacker got the approval of fund transfer. That is, the attack was on the internal verification mechanism of the platform, not its blockchain security.
On the other hand, Coinbase Hack was also a separate but equal nature case. This veteran US company, counted among the safest exchanges, fell victim to a “social engineering attack” in August 2023. In this, the hackers targeted an employee of the company and reached the company’s internal system through third-party software like Okta. Data was accessed in the attack, although coinbase claimed that no user funds were stolen.
What is equality?
The most important and worrying in both these hacks was the weakness of internal and third-party systems. That is, no hacker could break the main blockchain system of these companies, but they got access from within. In both cases, the authorization and verification procedures proved weak, allowing the attackers to do transactions without any disturbances.
This means that no matter how “blockchain-mature” the Crypto Exchange is weak, if its internal controls are weak, it also becomes an open door. This equality indicates that in future crypto companies will have to pay the same attention to the off-chain and internal system security.
Difference in reaction between the two exchanges
Where Coinbase Hack After the platform immediately started investigating with FBI and Cybercrime Agencies, while Wazirx’s response was a bit slow and unclear. Wazirx only said that they have “flagged” suspected wallets and are working closely with blockchain analytics companies. However, no clear information has been given on how the users will compensate for the loss.
Conversely, Coinbase, while taking transparency, published a full -fledged review on his blog and also stated that the user funds are completely secure.
Lesson for users and warning to industry
It has become clear from both these cases that it is not enough to rely on the Crypto Exchange only on technical security or brand. Users should now check which third-party apps, vendors or authentication tools. Also, exchanges should make cyber training mandatory for their employees, so that attacks like social engineering can be stopped.
This is a serious warning for the Crypto industry, as well as the same investment on blockchain security as well as “human security” and “system security”.
Conclusion
The biggest similarity in these hacks of Wazirx and Coinbase was that both were not blockchain, but the weaknesses of human mistakes and internal controls were taken advantage of. In the coming time, if the exchange does not pay attention to these aspects, only relying on technology will not be able to save them from great losses.
