bitcoin exchange security

Cryptocurrency exchanges have fallen victim to hacking time and time again, with attacks rising sharply in the past two years as the prices of cryptos skyrocketed. According to a new report, crypto exchanges still have a long way to go to fully secure their users’ crypto assets. The report looked into possible security weaknesses including console errors, web protocol security and user account security. While most exchanges scored highly in some areas, such as user security, they failed terribly in others, such as domain security. The report found Coinbase Pro to be the most secure exchange, with Binance and OKEx emerging 17th and 42nd respectively.

A Long Way From Secure

The year kicked off with one of the biggest crypto heists in history, when the Japanese exchange Coincheck was attacked and $500 million worth of NEM coins were stolen. This hasn’t been the only hack this year, with South Korean exchanges Bithumb and Coinrail among the other high-profile heists. While some exchanges have taken steps to revamp security, a new report has painted a grim picture of the security situation at some of the largest exchanges.

The report used four parameters, the first of which was console errors. These are errors in the coding which sometimes lead to malfunction but which are rarely critical. They can, however, lead to data loss for users. 32 percent of the 100 exchanges surveyed had these errors.

User account security was the second parameter, with some exchanges being found not to have two-factor authentication as well as allowing the creation of accounts without email verification. Only 46 percent of the exchanges were deemed safe by the report. In registrar and domain security, only 4 percent of the exchanges were found compliant with at least four of the five best practices expected in this area.

The researchers further investigated whether the exchanges have the necessary protection measures against the various attacks launched by cyber-attackers. Of the five expected protection measures, 29 percent of the exchanges were found to have none, which leaves them susceptible to attacks, while only 1 in 10 had all five.

Coinbase Pro was found to be the most secure exchange with a score of 89. The exchange, formerly known as GDAX, had perfect scores in all but one area. Fellow U.S. exchange Kraken was second with a score of 80 out of a possible 100. BitMEX, GOPAX, CPDAX and Bitlish followed respectively in a list in which the major exchanges scored poorly. The world’s biggest exchange, Binance, was 17th with a score of 63, scoring particularly poorly in console errors and domain security.

Some of the other major exchanges on the list were HitBTC, bitFlyer, OKEx, Poloniex, Huobi and Bitfinex, which held positions 18, 37, 42, 44, 47 and 54 respectively. Bithumb, which was attacked in June this year and lost $30 million, was 78th on the list.


Security at the exchanges has been a major challenge, with some exchanges making reckless mistakes that have cost them dearly. In the Coincheck hack, it was discovered that the exchange stored most of its users’ tokens in a hot wallet, which made them easier for the hackers to steal. Recently, decentralized exchange Newdex was hacked and lost $58,000 worth of tokens, exposing several vulnerabilities such as the lack of smart contracts.


6 COMMENTS

  1. Coinbase Pro has no volume. To execute an order at your price, they force you to buy or sell at market at a .3%+ taker fee. It’s outrageous. They really don’t want retail customers anymore.

    • I don’t understand what you mean. When I put in an order for x dollars, that’s what I pay. I only sold there once (to unload some BCH I got from the fork), but it was the same — I got what I asked for. I only make maker orders.

      I suppose I could find better prices on other exchanges, but you know how it goes — given how volatile these things are, you’re going to get your price sooner or later. Just give it a week or two.

      I surely don’t feel excluded as a retail customer. (I’m glad their safety is highly rated, but I move funds promptly to a cold wallet anyhow. I’ll worry about getting them out when this crypto thing finds its way into the general population — if I live that long!)

        • I just bought some BTC and LTC yesterday, as is my custom for the start of the month. I asked for a specific fraction of each (to 5 digits) so that they’d cost me round numbers of $X and $Y (I dollar cost average), and I got exactly the requested amount of each at exactly the price I requested. I then put them in my wallet (for NO BTC or LTC tx fee — and I don’t know how they swing THAT), and they took out exactly $X+Y (I keep a balance with them), which I’ll now replenish from the bank. The blockchains showed exactly the amount of each that I ordered a few minutes after I moved to the wallet.

          Coinbase Pro reports “Total Fees Accrued Past 30 Days $0.00”

          I know that if I make a market order there will be fees, but I never do that. I always specify a price — and they even tell you there’s no fee when you do that. (I suppose they like to promote market liquidity. I don’t ask too much when I like things.)

          There are commissions at Coinbase, but not Coinbase Pro, which is the old Gdax. (Coinbase will do the DCA for you, but you’ll pay them a fee for it. Also, you don’t get to choose your price.) Are you sure you’re using the service I am?
