Heads up, I’m going to rant for a moment or two.

You know, it’s an awesome privilege to be working on/with cryptocurrencies and blockchains in general.

The potential transformative power of these technologies is amazing. Absolutely incredible.

But, as Spiderman found out early on, with great power comes great responsibility.

And here is where many are falling flat.

Indeed, not only haven’t some people learned from past errors of others involved in this area, but they’re not even following basic best practices. Best practices that, in some cases, have been known for literally over 25 years.

I’m talking about the recent hacks on exchanges.

Apparently, 5 South Korean exchanges have failed basic security tests and are susceptible to compromise using simple hacking tools.

EtherDelta, another cryptocurrency exchange focusing on Ethereum network-based assets, was also compromised.

This hack was one that truly had me shaking my head.

Why? Hackers didn’t even bother compromising the exchange itself. Instead, they changed DNS records to send people to a look-alike site where unsuspecting users happily gave the hackers their crypto!

I mean, really? DNS? That’s pretty old school.

And for all the efforts of crypto exchanges to encourage the use of 2FA/MFA (2-factor Authentication / Multi-factor Authentication), I’m puzzled as to how such a simple approach was able to be effected.

What domain company doesn’t support 2FA?

What sort of cryptocurrency company doesn’t use 3rd party tools that support 2FA?


And I wager this isn’t the last we’ll see of these sorts of things.

So, what can you do?

Advertisement. Article continues below

Well, the first thing is to extend the rule of “only spend/play with what you can afford to lose”. This means only keeping funds that you’re comfortable losing on exchanges and other hosted wallets.

Anything you can’t afford to lose should be kept in a wallet that you control. This could be a software wallet like Jaxx or a hardware wallet like the Ledger Nano S.

Another idea is to spread out your risk.

Any wise investor will tell you that should have a diversified investment portfolio.

Given that these hacks aren’t likely to end anytime soon (let’s be honest, they’ll never end), you could consider spreading your risk by using multiple exchanges and hosted wallets.

To summarise:

  1. Hacks against exchanges and hosted wallets will continue for the foreseeable future, especially given the lax security around some of them.
  2. Keep any crypto you can’t afford to lose in a software or hardware wallet that you control.
  3. Spread out risk of storing your crypto on hosted wallets and exchanges by using multiple services.

(Note: Notwithstanding our disclaimer, I was an Information Security professional in my former life and happen to know a couple of things about online security. That said, these are just my opinions and are worth exactly what you’ve paid to hear/read them.)

If you got something useful from this post, please share it on Facebook and Twitter so your friends can benefit from it too.

Donations and support are always greatly appreciated

BTC Wallet: 1LyutLaQ3sufbFcETue6kYbQHqZvYbvAD9

ETH ERC20 Wallet: 0xca0dd607339edee021fb95e4a63fc21f13f4de2f

LTC Wallet: LaPhoXcybZ3hHNs7jFeBo28uYXpYZe45w8

DASH Wallet: XtHavbmxb6gQixkBKXq2igQ2GhLUjLCh88

DOGE Wallet: DD2PN95XBgUvwRf5jbGV78d6nWEgVwjm4L

TL;DR Disclaimer: We are not financial advisors. We don't know what we're talking about. Do your own research and consult with a professional broker or advisor. Trading is risky. Investing is risky. We may receive small rewards if you follow links on our site. We endorse nothing. You are responsible for you.

Read our full disclaimer here.