It should come as no surprise in the Bitcoin-sphere that accounts on Bitcoin exchanges are being targeted by hackers. Exchange accounts more than likely have Bitcoin stored on the platform which is incentivizing malicious hackers to try to access and steal user funds. With the price of Bitcoin hovering around $1250 USD and total trading volume just over $51M at the time of this writing, the bounty for successfully hacking an exchange account could be fruitful.
In an update from the Bitcoin exchange BTC-e, they wrote that hacking attempts on their exchange has increased recently, becoming more frequent.
The cases of hacking accounts with the use of viruses disguised as trade bots, trading platform, and also subscription for mailout, from which you may catch a virus if you follow a link in it, became more frequent. But we would like to use this situation to remind you once again how you can protect your account against hacking.
In the post, they provide good tips to help keep you safe. As a summary, the tips are:
- Use two-factor authentication (2FA) on your account. Also configure 2FA on your email account too.
- Also suggested is if it becomes known your are being targeted in a hacking attempt, to immediately change your email that you have tied to your exchange account.
- BTC-e also recommends you contact support notifying them if you believe someone is trying to hack into your account.
- In your exchange account, you should also whitelist your own IP address. You can also close all other sessions opened in your profile too.
Other common security precautions to take besides what BTC-e suggested above is to never click on hyperlinks in emails sent to you, especially if you don’t know the sender. Always check the sender email (even though they could be spoofed) and hover over all links to see where they point to.
When going to the exchange via the web, try to use a saved bookmark or go directly to the web address by manually typing it in. If you search via a search engine, chances are one of the top results are a phishing (scam) website. Always make sure you’re on the correct website before entering your login credentials.
Never reuse passwords. Instead try using a password manager which creates unique passwords for each website for you.
And if you aren’t an active trader, it’s always good practice to not store funds on the exchange when you don’t have to. Store them locally in your own secured wallet.
BTC-e didn’t make it clear on why the hacking attempts on the exchange have increased recently, however, there was a report on reddit just a few weeks ago about how a two year old hack on the popular BitcoinTalk forum has just been published on the haveibeenpwned security website. It’s possible that accounts from that hack are being targeted on Bitcoin exchanges now.