A cryptocurrency exchange called Beaxy halted trading across the board August 12th after a high-volume sell-off of XRPs (Ripple tokens) tanked the tokens’ price on the exchange:
The exchange corresponded about the suspension in a blog post, stating:
“We recently experienced unusual(ly) high volume activity on XRP-BTC. As a result and precaution, we are temporarily halting all trading activity and withdrawals across the exchange as we investigate.”
At the time of writing, XRP trades are still suspended on the exchange.
On Twitter, Beaxy reported on the evening of August 12th that the crash occurred as a result of an “XRP partial payment exploit”:
Quick update. Exchanges were targeted with an $XRP partial payment exploit today. Beaxy was also targeted in this. We’ve identified and applied a fix. To move forward, we are rolling back relevant trades on the exchange to the moment it was identified.
— Beaxy (@BeaxyExchange) August 13, 2019
The exchange also promises to return any misappropriated funds and says trading will remain, “frozen as we work on reverting to the previous state.”
Some commenters in the Twitter thread are accusing the exchange of failing to fix an exploit identified some time ago.
Others are questioning Beaxy’s claims that other exchanges were also affected:
"exchanges" aka just you because you implemented partial payments wrong. This isn't an exploit it's incompetence.
— D5V1N2 (@D5V1N2) August 13, 2019
According to The Block, just before Beaxy launched approximately two months ago, a Beaxy team member was subjected to SIM-swap hack.
In a SIM-swap attack, hackers typically “phish” (solicit via deceptive emails) personal information from a targeted individual then use that information to convince a telecom company to transfer control of the victim’s phone to hackers.
Once this happens, hackers can often exploit a wealth of other information and or/access many sensitive accounts.
Regarding the SIM-swap hack, Beaxy CEO Artak Hamazaspyan told The Block:
“The incident we experienced was a SIM attack on a team member involving a fake ID and social engineering…Our individual security practices have improved across the company as a result.”
According to the outlet, new crypto trading platforms enter a market already populated by 258 incumbents.
Nascent exchanges also have to cope with a dangerous amount of hacking activity being executed by both private and state-sponsored attackers.
An anonymous source recently told Crowdfund Insider that his bank is fending off 300 cyberattacks per day.