fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Hotbit Cryptocurrency Exchange Down After Hackers Targeted Wallets

Hotbit Cryptocurrency Exchange Down After Hackers Targeted Wallets

Cryptocurrency trading platform Hotbit has shut down all services for at least a week after a cyberattack that down several of its services on Thursday evening.

Hotbit assured its roughly 2 million registered users from over 210 countries (500,000 of them using the platform’s Android app) that their cryptocurrency assets were “safe and secure.”

“Hotbit just suffered a serious cyber attack starting around 08:00 PM UTC, April 29,2021, which led to the paralyzation of a number of some basic services,” the exchange said.

“Meanwhile, the attackers also tried to hack into Hotbit’s wallets (However, the attempt was identified and stopped by our risk control system).”

While the threat actors could not gain access to any cryptocurrency assets, they did delete Hotbit’s database.

Also Read: Compliance Course Singapore: Spotlight On The 3 Offerings

The exchange is also looking into any signs of information tampering that could have polluted any of its regularly backed up data before restoring servers and services.

Customers were told that the investigation and recovery process could take between 7 and 14 days due to the time needed to analyze backup data before starting the system restoration process.

Hotbit maintenance alert

Hotbit added that the attackers gained access to plain text customer information (phone number, email address, and asset data) stored within its database.

Customers were advised to watch out for phishing attempts impersonating Hotbit and recommended reaching out to confirm the validity of any suspicious message.

Even though customers’ passwords and 2FA keys were stored in encrypted form, the exchange warned users to change passwords on other online services where they use the same credentials.

The exchange shared additional information regarding affected orders and products:

  • Leveraged ETF products are not suitable for long-term holding and therefore Hotbit will be fully responsible for all losses suffered by the position-holder during the maintenance period.
  • Your Open Orders on Hotbit will be canceled when the system is restored to avoid unintended trading losses.
  • All daily routine income distributions (such as investment products, current products and FIL cloud computing power ) will be paid out after the maintenance is completed .
Hotbit cold wallet

While Hotbit users have already spotted suspicious transfers from the exchange’s wallets after the attack, Hotbit said that these are legitimate transfers of funds to a new cold wallet.

Also Read: Considering Enterprise Risk Management Certification Singapore? Here Are 7 Best Outcomes

Internet-connected hot wallets are used by exchanges to temporarily store assets for ongoing transfers and transactions, unlike cold wallets (aka offline or hardware wallets), which have no Internet connection.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us