DX.Exchange Claims It Has Fixed Serious Security Weaknesses Detected on the Platform

CoinSpeaker
DX.Exchange Claims It Has Fixed Serious Security Weaknesses Detected on the Platform
The issues of data and assets security remain among the most important ones within the crypto space. Though it’s always better to prevent any potential security vulnerability, if it has been detected, it is very important to react timely and not to let funds be affected.
CoinSpeaker has already reported that DX.Exchange positions itself as a revolutionary Estonia-based cryptocurrency exchange that offers its users a possibility to trade tokenized Nasdaq stocks and cryptocurrencies on the same platform.
The platform that went live on Monday is said to utilize Nasdaq’s matching engine and financial data exchange protocol to ensure the trading of these digital securities.
Nevertheless, in its first few days, the security vulnerability was detected and reported by the tech news website Ars Technica. According to the crypto media, a trader, who preferred to stay unnamed due to the nature of the situation, conducted a security analysis of DX.Exchange.
In the framework of this analysis, he found out that some sensitive data of the exchange’s users were being sent to their browser. And the main problem was that the data leaked contained users’ authentication tokens and password reset links.
Given the fact the tokens are formatted with the help of an open standard known as JSON Web Tokens, they can be easily accessed by everyone who could get the full names of token holders and their email addresses.
“I have about 100 collected tokens over 30 minutes. If you wanted to criminalize this, it would be super easy”, concluded this anonymous trader.
He also said that knowing the above-mentioned weak points of the platform, fraudsters could easily gain access to the accounts not only if their owners hadn’t logged out but also even if they had done it.
DX.Exchange’s Reaction
Nevertheless, it didn’t take long (just less than a day) for DX.Exchange to report that they had fixed their critical vulnerability that leaked sensitive user data adding that no user funds had been affected.
In his statement, Daniel Skowronski, CEO of DX. Exchange, said:
“We would like to thank the vigilant reporter, and our supportive community, who together, brought this issue to our attention. We are happy to report that the vulnerability has been successfully patched, and no user funds were compromised. Our launch was met with a stellar response from our community eager to trade cryptocurrencies and digital stocks. Customer funds were always safe, our multi layer advanced monitoring and defense mechanism was able to avoid any further issue.”
DX. Exchange also invited any developers who would discover bugs in the future to inform the exchange directly using a special Bug bounty program. It is strongly believed that this program will help to fix all vulnerabilities (if any) timely without letting them cause harm to users’ funds.
DX.Exchange Claims It Has Fixed Serious Security Weaknesses Detected on the Platform

Crypto Ransomware Is Becoming a Bigger Problem
Thursday April 18, 2019

Cryptocurrency ransomware is shooting through the roof. It’s a Scary Time to Depend on Digital Means Imagine opening your computer one day, browsing online, trying to get some work done and then WHAM! Your computer just locks up and a random message appears on your screen demanding  bitcoin or related cryptocurrency in exchange for re-entry […]

The post Crypto Ransomware Is Becoming a Bigger Problem appeared first on 12bit trade.