Bilaxy, a trading platform registered in the Seychelles, recently reported that their hot wallet was hacked.
⚠️⚠️Top Urgent Bilaxy Hacked Notice
Please note that the Bilaxy Hot Wallet has been hacked. Please stop sending money to your bilaxy accounts. We’ll stop to check and repair with the times. Please wait for further communication.@ICODrops @ICO_Analytics @CoinMarketCap @
– Bilaxy (@Bilaxy_exchange) August 29, 2021
The extent of the loss was unclear, but some estimates put it in excess of $ 400 million. HOGE, a DeFi token, confirmed on Twitter that the network lost over $ 1 billion worth of HOGE worth $ 22 million in the attack. The losses caused by this theft could exceed those of the previous stock market attack on Japan-based Liquid Global. It lost $ 80 million in cryptocurrencies last week.
Upon confirmation, Etherscan has displayed caution regarding the addresses reported to be involved in the bilaxy scam.
What attracts hackers?
Centralized cryptocurrency exchanges continue to be the target of hackers due to their abundant liquidity. While some of the big exchanges like Gemini and Binance rely on insurance, it doesn’t reduce the risk of hacks. It can only guarantee investors a refund without a large discount. So what’s the solution?
Dr. Amber Ghaddar, the founder of the AllianceBlock crypto platform, recently told the BBC:
“We need audits and tests. We need different standards that have to be monitored to protect the market integrity if we really want the cryptocurrency to be adopted en masse. “
Centralized cryptocurrency exchanges report a hack, usually when money is lost. And the lack of a global reporting framework leads to lax security measures. While exchanges use two-factor authentication (2FA) to carry out transactions, it is not enough. Hackers exploit weaknesses in other layers of the protocol to launch an attack, with hot wallets being the most vulnerable.
A security audit of the exchange’s smart contracts is therefore required. According to recent reports, the US Securities and Exchange Commission has signed a $ 125,000 contract with AnChain.AI, a blockchain analytics firm, to oversee the DeFi industry. The company will provide the authorities with preventive solutions to avoid an attack.
In the event of an attack, the authorities can also track the transfer of funds, just as they enforce money laundering regulations. According to Chainalysis, ransomware money laundering is concentrated and often ends up in exchanges after going through a blender to hide its origins. Therefore, authorities can effectively track these transmissions through a handful of operators to prevent hackers from turning their hack into fiat.
Regulators need to catch up in technology to keep investors safe. Until then, centralized exchanges can ensure some systematic protections like bug bounties, third-party custodian agreements, and foolproof cold storage for added security.