Two Security Compromises in the Blockchain Ecosystem

By Benson Toti

It’s time to talk about another few crypto scams that have occurred or been unearthed in the last week or so.

Coinroom, a Polish cryptocurrency exchange, has apparently shut down and disappeared with their customers’ money. They basically stopped operating overnight and vanished off the face of the Earth. Registered in 2016, the company is now being revealed to have some fairly sketchy practices in place.

First, their regulations stipulate that customers only have one day to withdraw their funds. Most customers sign these things without even looking at what they say, and that is a very strange regulation to have. Coinroom seems to have sent an email blast to customers announcing the termination of their contracts and giving them one day to withdraw funds, but even the customers who did act in time allegedly received only part of their money or none at all.

A Coinroom customer went to the company’s headquarters 2 days after receiving the email, and “the lady at the reception did not want to let me in, she claimed that nobody was in the office. Instead, she called someone from the company. I was asked to leave my details. Nobody contacted me.”

What This Says About Exchanges

This is where it actually makes sense to look at a cryptocurrency exchange's backers and the countries it supports. When people put their reputations on the line to work with a company, you can trust that there is going to be a higher quality of care. Frankly, this is one of the reasons that Coinbase has been successful. They are viewed as the most trustworthy.

A lot of exchanges are fly-by-night operations that have just popped up and are depending on low fees and looser privacy disclosures to attract new customers. This is fine, but comes with risks that customers should be aware of. Even if a company doesn’t have well-known backers, it helps to look at what countries it operates in. Having U.S. operations makes it far more likely that they are meeting some regulatory guidelines.

Wallet Service Compromised

Another security hiccup has occurred with a hack of GateHub, a cryptocurrency wallet service. On June 6th, they announced that 100 Ripple Ledger wallets were compromised, with the attackers likely using an application programming interface (API) to gain access to the encrypted keys.

The total “take” from the heist amounts to $9.5 million, a large portion of which has already been laundered through mixer services. Funds are often laundered out through cryptocurrency exchanges, with mixing services, merchant service providers, and peer-to-peer networks also being a big part of the exit plan for hackers.

GateHub has not posted any official or final conclusions, but with 23,200,000 XRP missing, this does not reflect well on their security. Hackers were able to identify a security flaw in their system, scale it out over more addresses, and co-opt a large amount of funds before anyone was the wiser.

This is once again representative of the problems in the industry that result from low barriers to entry and minimal regulation. Although those are often seen as a good thing – “democratization” – they can also be bad for consumers who don’t know enough about how to manage their funds. Cryptocurrency wallet services are not something to trifle with, and users should all be aware of the risks.
