Cryptocurrency exchanges in some of Africa’s biggest bitcoin markets have been forced to rethink their security to thwart persistent attacks from hackers, a trend that has troubled trading platforms all around the world.
Also read: Cointext Launches Bitcoin Cash SMS Wallet in Argentina and Turkey
The Worst Yet to Come for African Exchanges
Exchanges in the African continent have been relatively unscathed, suffering scant losses amidst the $930 million that’s been stolen from global exchanges so far this year, according to data by U.S. cyber security firm Ciphertrace.
The most notable assault on investor funds in the continent of 1.2 billion people happened around March in South Africa. It wasn’t a cyber attack on an exchange, but rather a scam. Fraudsters at BTC Global, a supposed cryptocurrency investment firm, made off with about one billion rand ($80 million) after 28,000 South Africans succumbed to the false promise of incredibly high, quick returns on their investment, police said.
As thefts have stoked exchanges worldwide, some African platforms have woken up to the need to strengthen their security to safeguard investor funds. This is particularly crucial in a continent where cryptocurrency markets are populated by people who trade with a certain degree of ignorance in many cases, lured by the promise of quick riches. Incidents of fraud or stolen money can smear a market struggling to build confidence in the absence of regulatory oversight.
“We have noticed a number of attempts to breach our system but we have managed to maintain our defenses and we keep on learning,” Suleiman Murunga, chief executive officer at Ugandan exchange Coinpesa, told news.Bitcoin.com.
“We (now) use suspicious activity monitoring tools to track user behavior in order to spot bad actors,” he said, adding that the company, one of the biggest in the East African country, also uses two-factor authentication.
Murunga stated that only a small portion of investor funds held on the exchange are kept in a hot wallet, of the kind targeted by hackers. The bulk of the funds are held offline, in cold storage.
Don’t Blame the Trading Platform – Blame the User
When breaches occur, exchanges are not always to blame. Sometimes investors simply aren’t careful. There have been instances where attackers gained access to individual accounts on the Zimbabwean exchange Golix before its forced shutdown in May, taking advantage of email password vulnerabilities to facilitate transactions.
Although no money was stolen, the 23 affected users noticed some changes to their accounts such as the conversion of their cryptocurrencies and the acquisition of additional coins through U.S. dollar balances they held in their accounts. This is according to Golix, which now has a presence in seven African countries. Back then, the exchange didn’t ask investors for 2FA upon signing up.
In Nigeria, Africa’s biggest bitcoin market, where trades reached $260 million on just one exchange this year, the threat of cyber attacks is real. In 2016, the Ibadan-based Naira4dollar firm didn’t receive the $15,000 worth of BTC it had bought to replenish its wallets after an attacker hacked into the trading platform’s system.
Investors in Nigeria and Ghana also fell victim to a $50 million hack of the Blockchain.info wallet, allegedly by Ukrainian hacker group Coinhoarder earlier this year. In the streets of Lagos, scammers take on false identities, infiltrating exchanges and various social media platforms promising outrageously high returns.
David Ayala, chief executive officer of Nairaex, which has more than 100,000 customers on its books, said all digital coins on the Nigerian exchange are stored “securely offline with Bitgo industry standards of multi-sig wallet.”
“Our platform is developed using best practices from the financial sector to maintain users’ security. We have maintained a secured network architecture since launch and we run scheduled tests and checks on the system for reliability,” he detailed, in emailed responses.
Is a Foolproof Security System Possible?
Often, hackers and scammers are a step ahead of their targeted victims, increasing the risk of persistent attacks. But will African exchanges ever implement foolproof security systems, or something approaching that ideal? William Chui, a Zimbabwean cryptocurrency enthusiast and former VP at Golix, proposed “A ‘walk-in’ model, where users [enter a physical premises] to buy [cryptocurrency] and are served while they wait.” It’s a model that’s proven popular in other countries such as South Korea.
He conceded, however, “This is not scalable nor feasible with the internet and will prove to be too slow. I doubt we can get a foolproof, secure system, but the [aim] will be to minimize losses as much as possible.”
Chui recommends that exchanges “invest in a technical development department that will continually penetrate the website, and offer bounties for external developers to do the same … Store a larger percentage of clients’ funds in cold wallets.”
Pesamill Africa in Kenya has gone as far as adopting Australian cryptocurrency industry regulations as part of efforts to align with global best practice. “We have built an exchange that fosters both peer-to-peer and centralized transactions in a safe and secure manner,” Brian Ngugi, Pesamill chief executive, told news.Bitcoin.com.
Whatever the case, African exchanges are at a stage in their development that holds a lot of promise for the growth of cryptocurrency use on the continent. Regulators will eventually step in, as is happening elsewhere worldwide. This will occur, not only to regulate and claim tax, but to make the cryptocurrency space stronger and sustainable.
What do you think about the level of security at African digital currency exchanges? Let us know in the comments section below.
Images courtesy of Shutterstock.
Verify and track bitcoin cash transactions on our BCH Block Explorer, the best of its kind anywhere in the world. Also, keep up with your holdings, BCH and other coins, on our market charts at Satoshi Pulse, another original and free service from Bitcoin.com
Nineteen firms have been granted provisional licenses to operate crypto exchanges by the Philippine government-owned Cagayan Economic Zone Authority. In addition, eight firms have paid the application fees and are being reviewed. A list of all 27 companies has been published.
Also read: 160 Crypto Exchanges Seek to Enter Japanese Market, Regulator Reveals
Provisional Licenses Issued
The Philippine government-owned Cagayan Economic Zone Authority (Ceza) on Friday published a list of all companies that have been issued Financial Technology Solutions and Offshore Virtual Currency (Ftsovc) and Offshore Virtual Currency (Ovc) licenses as well as those that have paid the application fees and are being reviewed.
As of Oct. 12, a total of 19 companies have received provisional licenses — 17 were issued provisional principal licenses while two were issued provisional regular licenses. Ceza detailed:
Provisional principal licenses [allow licensees] to conduct offshore financial technology solutions business activities and offshore virtual currency exchange activities … Provisional regular licenses [allow them] to conduct offshore virtual currency exchange activities.
The Philippine News Agency previously noted that “A principal license for Ftsovc operation under Ceza is priced [at] USD360,000, while a regular license is at USD85,000.”
Ceza Corporate Board Secretary Catherine Joy Alameda explained in July that provisional licenses are valid for six months. A company “will be able to acquire its permanent license when it is able to fully comply with the requirements of Ceza,” she described.
Licensees must have authorized capital stock of $500,000 with paid-in capital of $200,000. Furthermore, Ceza “requires each cryptocurrency exchange to invest at least USD1 million in a period of two years and must put up a back office in the Philippines,” the news agency wrote.
The 19 Licensees
The 17 companies that have been granted Ftsovc provisional principal licenses are Golden Millennial Quickpay, Ultra Precise Investment, Liannet Technology, Rare Earth Asia Technologies Corp., Formosa Financial Holdings, Tanzer Holdings, Asia Premiere International, Orient Express Global, White Ranch Limited, Dragon Empire Developments, Galaxy Plus Developments, Tiger Wheel, Ipe Global, Cr8tiv Solutions Management, Sino-phil Economic Zone Agency Development and Management Corp., Digifin Technologies, and Hong Kong Yuen Shing Hong.
The two recipients of Ovc provisional regular licenses are Cezex Trading Pte. Ltd. and Unicorn Venture Investment Ltd.
8 Firms Being Reviewed
Ceza is also currently reviewing eight companies that have already paid the application fees for the two types of licenses.
Six companies being reviewed for provisional principal licenses are Bitventures Inc., Mbex Inc., Idragon Science Development Corp., Seryna Coin Metrics Inc., Lideres Inc., and Cx Tech Pte. Ltd.
Two companies, Csm Corp. and Birdmouse Co. Ltd., are being reviewed for provisional regular licenses.
In July, Ceza announced that “about 20,000 jobs in financial technology (fintech) will open up as soon as it awards the initial 25 principal licenses to be made available to qualified fintech companies,” the Philippine News Agency wrote, elaborating:
Ceza expects to earn PHP3.6 billion [$66.6 million] from the initial 25 Ftsovc licenses that it will issue, on top of the 0.1 percent share per transaction value generated from the operation of the fintech firms.
In August, Ceza partnered with Northern Star Gaming and Resorts Inc. to develop a crypto and fintech hub called Crypto Valley of Asia.
What do you think of Ceza licensing all these companies to operate crypto exchanges? Let us know in the comments section below.
Images courtesy of Shutterstock and Ceza.
Need to calculate your bitcoin holdings? Check our tools section.
In recent news pertaining to cryptocurrency exchanges, Noble Bank is looking to sell after reportedly losing Bitfinex and Tether as clients, Bitmex has announced the former compliance head of Hong Kong Exchanges and Clearing Limited as its new chief operating officer, and Huobi’s director of research into blockchain applications has discussed the company’s goals for its upcoming transfer of operations onto its public ledger.
Also Read: Chrome Extensions Will Soon Protect Against Miners and Hackers
Noble Bank to Sell Amid Loss of Clients Tether and Bitfinex
Noble Bank International, a Puerto Rican financial services firm known for servicing Tether and Bitfinex, is reportedly looking to sell.
Informed by “a person with direct knowledge of the situation,” Bloomberg reports that “The bank has lost many of its customers, including Bitfinex and Tether, and is no longer profitable […] The company could sell itself for a price between $5 million and $10 million, based largely on the value of its Puerto Rican license to operate as an international financial entity.”
Bitmex Hires Former Hong Kong Exchanges and Clearing Limited Compliance Head
Bitmex has hired Angelina Kwan as the exchange’s new chief operating officer. Mrs. Kwan is the former managing director and head of regulatory compliance for Hong Kong Exchanges and Clearing Limited, and has also spent eight years working for the Securities and Futures Commission of Hong Kong.
Mrs. Kwan stated: “In addition to being a true market leader among trading platforms, Bitmex shares my value of gender inclusion, particularly in STEM fields. Cryptocurrency markets present an exciting new opportunity for women to get involved in the intersection of finance and technology, two fields in which they are chronically under-represented. Bitmex has made its commitment to meritocracy clear, and is sending the message that women with deep backgrounds in finance and business can execute at the highest level within cryptocurrency companies.”
Arthur Hayes, the chief executive officer and co-founder of Bitmex welcomed Mrs. Kwan to the company, stating: “I believe Angelina’s decision to join us is a signal that the global markets are shifting focus to the rapidly-expanding domain of crypto-coins. Angelina’s vast experience in regulation, trading platforms, business development, restructuring, and investor and stakeholder relations will be pivotal as we continue the push towards mainstream cryptocurrency adoption and broaden our community.”
Huobi Readies to Transfer Operations to Public Blockchain
The second largest cryptocurrency exchange according to Coinmarketcap’s adjusted volume rankings, Huobi, is preparing to migrate its operations to the company’s public blockchain.
In a recent interview, the director of Huobi Research of Blockchain Application, Hubery Yuan, stated: “We want it to become the world’s top public chain in terms of technolog[ical] sophistication. And a highly competent public chain coupled with strong operations, ecosystem, and communities can bring out great synergy.”
Voting to appoint the head of Huobi’s operational transfer project is currently underway.
Do you think that more cryptocurrencies will seek to conduct their operations on the blockchain? Share your thoughts in the comments section below!
Images courtesy of Shutterstock
The Bitcoin universe is vast. So is Bitcoin.com. Check our Wiki, where you can learn everything you were afraid to ask. Or read our news coverage to stay up to date on the latest. Or delve into statistics on our helpful tools page.
Traders hope and expect the exchange they’re trading on takes security seriously. But while all crypto platforms pay lip service to good cybersecurity practices, many fail at even the most basic measures such as enforcing strong passwords. New research has found 54% of all cryptocurrency exchanges have poor security in at least one area, leaving them and their users vulnerable to attack.
Also read: Japanese Regulators Urgently Respond to Zaif’s Hack
Despite Hundreds of Millions of Dollars in Hacks, Many Exchanges Still Have Shoddy Security
The cryptocurrency landscape has changed significantly since Bitcoin’s earliest days, but one thing that’s remained constant is exchange breaches. From the Mt Gox days to last month’s Zaif hack, exchanges have been regularly surrendering their funds, despite the increasing value of crypto assets incentivizing them to up their opsec. A detailed new report from ICO Rating has revealed the extent of the lax security practices that pervade many exchanges, including several supposedly top-tier platforms.
The ICO listing and analysis site profiled 100 exchanges whose daily volume exceeds $1 million and found most of them wanting in one or more areas. For example:
41% of exchanges allow passwords with fewer than 8 symbols
37% of exchanges allow passwords with either digits or letters alone
5% of exchanges allow the creation of accounts without email verification
3% of exchanges lack 2FA
Only 46% of exchanges meet all four parameters
Just 4% of Exchanges Were Found to Have Best Practice for Domain Security
ICO Rating also considered registrar and domain security. Specifically, it looked for things such as a registry lock, preventing unauthorized changes to the domain registry, and DNSSEC, to prevent DNS cache poisoning, which has been an attack vector previously used to target platforms like Myetherwallet. Its findings were as follows:
Only 2% of exchanges use registry lock
Only 10% of exchanges use DNSSEC
Only 4 % of exchanges use best practice in 4 out of 5 of these areas
Coinbase and Kraken Score the Highest – Okcoin the Lowest
ICO Rating concludes by publishing a table rating all 100 exchanges profiled according to their aggregated security score. No exchange manages to score 90% or higher but Coinbase comes the closest, at 89/100, followed by Kraken at 80 and then Bitmex and Gopax in joint third (78). Other notable entries on the list are Cobinhood (8th), Ethfinex (12th), Bittrex (13th) and Binance (17th).
The top 10 exchanges for security according to ICO Rating
Bottom of the list is Okcoin.cn, which scores just 15/100. Other noteworthy exchanges that score poorly are Mercatox (25/100), the hacked Zaif (29/100), and Bithumb (34/100). While previous attempts have been made at rating the security practices of cryptocurrency exchanges, ICO Rating’s report is the most detailed yet. It is not comprehensive, for it does not detail such matters as dynamic IP verification, withdrawal checks, and other security measures. Nevertheless, it provides a snapshot of the health of crypto exchanges and shows there’s room for improvement across the board.
Which cryptocurrency exchanges do you think suffer from lax security? Let us know in the comments section below.
Images courtesy of Shutterstock, and ICO Rating.
Need to calculate your bitcoin holdings? Check our tools section.
The Wall Street Journal reported that Crawford currency exchanges had potentially washed nearly $ 90 million related to criminal activity on Monday (October 46).
In particular, the journal reported that about $ 9 million was cleaned through ShapeShift AG, Erik Voorhees-led Cryptocurrency Exchange known to have allowed users to remain anonymous for two years. It is also the highest amount traded through a single exchange in the United States.
The journal's investigation has tracked funds from more than 2,500 password wallet addresses associated with the reported criminal activity and confirmed that the exchange has cleaned $ 78.6 million. While ShapeShift is registered in Switzerland, it claims to be operating in Colorado, USA, claiming it is "the country with the most funds in the United States."
Veronica McGregor, Chief Legal Officer of Veronica McGregor, who had been banned from the day exchange that reporters sent a "suspicious" address list to ShapeShift,
This report explains how reporters tracked their exchanges in a single deceptive plan, explaining ShapeShift and KuCoin's ache of dealings and purse addresses in the ethereum block chain. In ShapeShift, some $ 517,000 of the ethereum was converted to monero, for example, with a darkened trace.
The timing of the report will be noted within weeks of ShapeShift announcing the implementation of the "know-your-customer" rule from next month.
McGregor told the journal as part of an effort to "endanger" the exchange instead of "responding to regulatory enforcement actions".
Her statement reflected Voorhees's comment to CoinDesk that the move was "aggressive" to prevent future regulatory action.
"If the risk of not doing so is too great, we made a strategic decision, we did not make it light," he said.
Wash image with Shutterstock
CoinDesk, a leader in block-chain news, is a media outlet that pursues the highest standards of journalism and adheres to strict editorial policies. CoinDesk is an independent operating subsidiary of the Digital Currency Group, which invests in cryptocurrencies and block-chain startups.
(f.fbq) return; n = f.fbq = function () n.callMethod?
n.callMethod.apply (n, arguments): n.queue.push (arguments); if (! f._fbq) f._fbq = n;
n.push = n; n.loaded =! 0; n.version = & # 39; 2.0 & # 39 ;; n.queue = ; t = b.createElement (e); t.async =! 0;
t.src = v; s = b.getElementsByTagName (e) ; s.parentNode.insertBefore (t, s)} (window,
Document, & # 39; script & # 39 ;, & # 39; // connect.facebook.net/en_US/fbevents.js');
fbq (& # 39; init & # 39 ;, & # 39; 472218139648482 & # 39;);
fbq (& # 39; init & # 39 ;, & # 39; 239547076708948 & # 39;);
fbq (& # 39; track & # 39 ;, & # 39; PageView & # 39;);
In recent news pertaining to cryptocurrency exchanges, anonymous sources have stated that Ledgerx is preparing to launch ETH futures trading, Coinbase has announced a partnership with Caspian intended to target institutional investors, and the chief executive officer of Binance has shared his opinions regarding “trans-fee mining” and decentralized exchanges.
Also Read: European Regulator Renews Restrictions on Crypto-Based Derivatives
Ledgerx Reportedly Readying to Launch ETH Futures
According to an anonymous source, cryptocurrency derivatives trading platform, Ledgerx, is readying to launch ETH futures.
The source states that the company has an Ethereum options product ready for launch, however, is currently awaiting regulatory approval for such. The source added that Ledgerx currently has a meeting with the United States Commodities Futures Trading Commission scheduled for the 5th of October.
At the start of September, Business Insider cited anonymous sources in reporting that The Chicago Board Options Exchange (CBOE) was readying for the launch of ETH futures markets. The source predicted CBOE’s ETH futures may go live by 2019.
Coinbase Partners With Caspian to Target Institutional Investors
Major U.S.-based cryptocurrency exchange, Coinbase, has announced a partnership with Caspian to ”drive institutional participation in crypto.”
According to Caspian’s website, the company offers an “institutional grade […] asset management solution that covers the lifecycle of the trade,” with Caspian purporting to currently be providing services to 25 cryptocurrency exchanges including Binance, Bitfinex, Bitmex, and Gemini.
The chief executive officer of Caspian, Robert Dykes, stated: “We’re delighted to cement this important partnership with Coinbase, which will see one of the world’s leading digital currency trading venues join forces with one of the most exciting emerging crypto platforms.”
Kayvon Pirestani, director of institutional sales at Coinbase, stated: “By working together, Coinbase and Caspian will deliver institutional-grade order and risk management tools to the growing number of professional crypto trading firms around the world. Customers will be able to take advantage of the best elements of both platforms — accessing Coinbase’s extensive historical market data and deep pool of liquidity, and combined with Caspian’s suite of seamless trading tools. We see this partnership as not only a tremendous commercial opportunity, but as a chance to truly move forward the institutional adoption of crypto as a mature, tradable asset class.”
Binance CEO: Trans-fee Mining “Not a Threat,” Decentralized Exchanges “Are the Future”
During an interview conducted at the recent Consensus: Singapore 2018 conference, Changpeng Zhao (CZ), the chief executive officer and co-founder of Binance, dismissed the “trans-fee mining” model as posing no threat to Binance’s future, and shared his belief that “decentralized exchanges are the future.”
CZ described the trans-fee mining model as “damaging” to the cryptocurrency ecosystem, adding: “It’s not a threat. The exchanges will try to do that. The volume at the exchanges that have tried that have all come down. It’s a very complex way of raising money. The law of supply and demand tells us that since there’s always more platform tokens being issued, you can almost guarantee that the price will go down over time.”
CZ also expressed his bullish expectations for decentralized exchanges, stating: “I think decentralized exchanges are the future, but it’s going to take a few years to get there. For the foreseeable future, I think the volumes will not be as high. So, it’s more like an experiment. I think it’s more innovation; we’re still at the early stage of the industry.”
“Right now, most of the money is still in fiat. So, I think the sweet spot is actually to do the crypto-to-fiat exchanges,” he added.
Do you think that decentralized exchanges are the future? Share your thoughts in the comments section below!
Images courtesy of Shutterstock, Twitter.
At Bitcoin.com there’s a bunch of free helpful services. For instance, have you seen our Tools page? You can even lookup the exchange rate for a transaction in the past. Or calculate the value of your current holdings. Or create a paper wallet. And much more.
A recent Wall Street Journal investigation has found that $88.6 million in ill-gotten funds have been funneled through 46 cryptocurrency exchanges, the WSJ reported September 28. $9 million of the suspect funds reportedly went through crypto exchange ShapeShift.ShapeShift is a Switzerland-based digital currency exchange that was formed in 2014 by Erik Voorhees. Unlike other trading platforms, ShapeShift allows users to anonymously trade Bitcoin (BTC), which police can track, but can not identify the individual behind the transaction.To conduct its investigation of crypto money laundering, WSJ reportedly developed a computer program that tracked funds from over 2,500 suspected investment frauds, blackmail schemes and other alleged crimes that used BTC and Ethereum (ETH). To analyze ShapeShift transactions, WSJ downloaded and stored a list of the 50 latest transactions every 15 seconds, at the exchange’s website.Per WSJ, bad actors took advantage of ShapeShift’s services to convert BTC into an untraceable cryptocurrency Monero. ShapeShift further continued to process “millions” of fraudulently obtained dollars, but did not change its policy regarding users anonymity. In an interview with WSJ, Voorhees said that he does not think that “people should have their identity recorded to catch an occasional criminal.”WSJ subsequently provided ShapeShift with a list of suspicious addresses, which were allegedly using the exchange. Veronica McGregor, the chief legal officer at ShapeShift, told WSJ that the exchange reviewed and banned those addresses. She also said that the company plans to require user identification data starting Oct. 1.Commenting on Voorhees’s views regarding the company’s anonymity policy, McGregor said that “just because it’s the personal philosophy of the CEO doesn’t mean that’s how the business is going to be run. He’s not pro-money-laundering.”While users have not been previously obliged to sign in or register on ShapeShift in order to execute trades, the exchange will gradually introduce ID requirements for traders. Earlier this month, ShapeShift introduced a new rewards program, which will eventually become a mandatory membership model for the exchange’s users and require the provision of “basic” personal information.
window.fbAsyncInit = function()
appId : ‘1922752334671725’,
xfbml : true,
version : ‘v2.9’
(function(d, s, id)
var js, fjs = d.getElementsByTagName(s);
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = “//connect.facebook.net/en_US/sdk.js”;
(document, ‘script’, ‘facebook-jssdk’));