Expert Commentary On Crypto Exchange EXMO Hacked

In response to reports that British cryptocurrency exchange EXMO has disclosed that unknown attackers withdrew almost 5% of its total assets after compromising its hot wallets, cybersecurity experts at Cerberus Sentinel and Clear Skies offer perspective.

Brad Mackenzie
December 22, 2020
CEO
Clear Skies

A best practice is not to store and hold large amounts of funds in hot wallets on exchanges but rather transfer to either a cold hardware wallet (that has appropriate recovery codes set and stored securely) or to a standard bank account as the case may be on completion of the exchange transaction. This seeks to reduce personal exposure and loss in case of an exchange compromise.

Chris Clements
December 22, 2020
VP
Cerberus Sentinel

Cryptocurrency exchanges are attractive targets for cybercriminals for many reasons.  First, the nature of many cryptocurrencies makes it much easier to move funds without interference from government and traditional financial institution oversight.  This means that the attackers are much more likely to keep any stolen funds.  Secondly, many of the businesses that have sprung up around the cryptocurrency boom have done so extremely hastily to cash in the excitement.  However, this often means cutting corners around secure software development, auditing, and testing.  Inevitably this leads to situations where organizations like exchanges that control appealing crypto-assets lack critical security controls and monitoring that expose their users.

