A white-hat hacker saved Coinbase from potential disaster, alerting it to a critical vulnerability on the site.
Hacker morals save the day
In crypto, anything is possible.
Nothing made that more evident than the Poly Network hack in 2021, when an ethical hacker returned almost $900 million AUD and even got offered a job as Chief Security Officer at the protocol he broke into.
Something similar has now happened to Coinbase, after a hacker who goes by the name of “Tree of Alpha” successfully alerted the exchange’s team and CEO Brian Armstrong to a vulnerability. This security flaw could have allowed third-party attackers to send all Coinbase order books to arbitrary prices. Luckily, only a few hours after Tree of Alpha tweeted about having found a critical security flaw, Coinbase disabled trading on its Advanced Trading platform for technical reasons. Both parties praised each other afterward for their respective help and responsiveness.
Coinbase’s Advanced Trading Platform, which is currently in its testing phase, could have caused a potential multimillion-dollar leak if it hadn’t been for the ethical hacker. CEO Brian Armstrong promptly thanked the hero of the day for working with the team and stressed how much he appreciates the crypto community helping each other out.
Ethical hackers are not the norm
Sadly, ethical hackers are the exception rather than the norm in crypto.
Although a white-hat hacker saved Polygon from a potentially devastating 850 million dollar hack, most blockchains and protocols that get exploited have to stomach the loss. Cream Finance is a good example, having been hacked three times in 2021 for several hundred million in total damage. Bunny Finance, another Binance Smart Chain DeFi protocol, was also hacked in 2021 and repeatedly involved in a hack of its partner protocol Qubit. Both exploits cost Bunny Finance investors more than nine figures.
Unfortunately, the saying “with great power comes great responsibility” does not seem to apply much in crypto. How else could you explain protocols repeatedly getting attacked and investors repeatedly returning to them?
Hacks are not only a DeFi problem either. Although Coinbase got off the hook this time, the exchange was targeted before: in 2021, a hacker stole from more than 6,000 accounts. The total sum lost was never published. Either way, it was probably not as high as in the famous Mt. Gox exploit or the Bitfinex hack, both of which cost traders billions of dollars.
Is there any safe place in crypto?
If crypto seems like a minefield, that is because it is one.
Investors who want safe, stable, and predictable returns should stick to stocks and bonds. Those who want outrageously high returns will have to put up with a lot of market volatility and the risk of losing it all through cybercrime. As a retail investor, the best you can do is adhere to best practices like two-factor authentication, choosing strong passwords, and making sure you are interacting only with reputable exchanges and protocols. You will never be safe in crypto, but you can reduce the risk of stepping on a mine.