Blockchain Security

Cybersecurity For Initial Coin Offering

CyStack Avatar

CyStack Editor

Content Executive @ Marketing Team|April 5, 2023
Security for ICO is important

Nowadays, more and more companies raise funds through an Initial Coin Offering (ICO). By launching an ICO, a company can create a new coin to make money. In addition to Bitcoin, Ethereum, and Litecoin, there are a large number of other coins in the market. However, companies might face security challenges when using cryptocurrency and launching ICO.

The following are some steps that companies should take careful consideration in a coin life cycle:

  • Coin offering: Hackers can attack offering websites to modify provided services.
  • Coin trading: DDoS attacks make cryptocurrency websites or applications unavailable to investors.
  • Currency exchanges: When trading currencies, an investor is likely to face risks of DDoS attacks or account takeover attacks.
  • Wallet: It is used to archive, receive and send crypto coins. Therefore, it is a lucrative target of malicious hackers.

Let’s learn about some aspects of a cryptocurrency attack and how to protect your assets against these attacks.

What is ICO? 

When launching an ICO, a company will create a new cryptocurrency and sell it to investors to receive money or another cryptocurrency, usually Bitcoin or Ether. Investors can use these cryptocurrencies to pay for services provided by this company or create transactions.

ICO is similar to crowdfunding because it is available for every investor without too many regulations. Companies can raise a lot of money through an ICO, for example, Blockchain Filecoin raised over 250 million dollars through ICO.

New cryptocurrency published in an existing platform like Ethereum, following ERC-20 standard, does not require a firm knowledge of the underlying blockchain technology of cryptocurrency.

ICO attack

Blockchain technology vulnerabilities

Since cryptocurrency was first introduced,  it has brought high interest and value to investors. Therefore, more and more hackers are interested in exploiting the vulnerabilities of this market. Although blockchain technology is decentralized and immutable, many vulnerabilities are still found and exploited.

Blockchain technology still has many vulnerabilities targeted by hackers

Direct attack

A typical example of direct attacks is an attack on the ICO of CoinDash – a start-up working in cryptocurrency portfolio management and related services.

According to the CoinDash blog, when the contract’s address provided by Ethereum was public, the attacker changed the official address to an incognito address. Due to high demand at that time, around 43,000 Ether was redirected to the incognito account within only 7 minutes. The website was shut down immediately as soon as it was found hacked. The attack caused a loss of about 7 million USD. Finally, it is defended against the attacker by the web application firewall.

Another example is a DDoS attack on the Bitcoin Gold website when it was introduced to the market. The attack made the website unavailable for a while. Although this did not directly affect the coin, it damaged the credibility of the whole project.

Account attack

Electroneum – a cryptocurrency provider – informed about a delay of their website and application due to a DDoS attack. 140,000 investors could not access their accounts and their cards were frozen. Finally, it was protected by using DDoS security.

E-wallet is easily attacked

How to protect your cryptocurrency

Web application firewall

Web Application Firewall (WAF) introduced by Gartner is a leading web application for four years continuously. It analyzes users accessing your website to protect your website from attacks. WAF can defend against web attacks including OWASP, which is one of the top 10 security threats and malicious bots. It controls the client accessing your application with a traffic filter based on different factors.

WAF analyzes all aspects of your website to detect attacks, which will keep your website away from authentication requests such as CAPTCHA.

Comprehensive security platform

After safely introducing your crypto coin, you should be aware of vulnerabilities that might be exploited through a cryptocurrency life cycle, including DDoS, cryptocurrency trade, and e-wallet. We will do more research on this problem and provide you with suitable solutions soon.

Use CyStack Platform to discover security vulnerabilities timely to prevent your cryptocurrency exchanges from attacks.

Bài viết liên quan

Hợp đồng thông minh mở ra phương thức mới cho các thỏa thuận pháp lý, nhưng các doanh nghiệp cần thận trọng khi sử dụng
Hợp đồng thông minh mở ra phương thức mới cho các thỏa thuận pháp lý, nhưng các doanh nghiệp cần thận trọng khi sử dụng
05/04/2023|Blockchain Security

Hợp đồng thông minh cung cấp rất nhiều lợi ích, nhưng hãy tìm hiểu lý do tại sao những lợi ích đó có thể chỉ là một mặt của con dao hai lưỡi. Lần cuối cùng bạn bị thanh toán chậm là khi nào? Đuổi theo hạn một hóa đơn? Chờ đến lượt nhận lương …

Mạng của Axie Infinity bị hack, thiệt hại hơn 600 triệu USD
Mạng của Axie Infinity bị hack, thiệt hại hơn 600 triệu USD
24/03/2023|Blockchain Security

Theo công bố trên Twitter vào ngày 29/3 vừa qua, Ronin Network – mạng được phát triển cho Axie Infinity, cho biết hệ thống đã bị tấn công với thiệt hại ước tính là 625 triệu đô.  Như vậy, đây là một trong những vụ tấn công tiền ảo lớn nhất tính đến thời điểm …

5 lỗ hổng phổ biến của Hợp đồng thông minh Smart Contract
5 lỗ hổng phổ biến của Hợp đồng thông minh Smart Contract
24/03/2023|Blockchain Security

Hợp đồng thông minh (Blockchain smart contract) rất khó để vận hành đúng. Khả năng lưu trữ giá trị, tính minh bạch và tính bất biến, là ba thuộc tính chính rất cần thiết để hợp đồng thông minh hoạt động hiệu quả. Tuy nhiên, những thuộc tính này cũng khiến cho nhiều hợp đồng …