The security of cryptocurrency exchanges is back in the news after hackers hacked QCoin. But this should not surprise people because exchanges are vulnerable by design, according to Pipet CEO Ben Zhou.

where he told the Zoo Coin Telegraph, that exchanges were one point of failure. As a central web application, exchanges are vulnerable to the same security issues as all other websites.

and security is becoming more and more important as investors and traders increasingly alert exchanges to the task of protecting funds.

Zoe explained that the vast majority of cryptocurrency exchange servers and storage networks keep digital currencies in hot wallets. Hot wallets, if not properly protected, can make them vulnerable to theft.

Zou also believes that the cold wallet system is more secure because hot wallets are connected to the internet, making them more vulnerable to penetration.

On the other hand, cold wallets are offline. The only downside is the inability to make large withdrawals from the stock exchange immediately.

According to Zoe, investing in security should be one of the highest priorities on the agenda of exchanges, especially if they operate online. To combat potential hacking threats, exchanges also need to better address vulnerable areas and apply multiple layers of security for penetration testing.

and any security system should also protect information across all interaction points. This means protecting user data from account registration, login, trading and any exchange of information with the platform.

Zou added that: This can be achieved by implementing best practices for managing the application life cycle, hiring knowledgeable and reputable security advisors for penetration testing and running bounty programs within the community. Ethical selectors to identify any potential weaknesses.

Zoe also recommends that cryptocurrency exchanges work with reputable security firms to conduct security audits, implement strict management processes, and invest in a no-trust architecture. A zero-trust architecture requires the verification of anyone accessing a service to prevent any potential data breaches internally and externally.

He said that there are many bespoke security solutions from external vendors that exchanges can use, but he noted that they can also be developed internally.

...