Majority of the big crypto exchange platforms are quite assured about their security measures in order to ensure the safety of investor’s money. Even after such concerns, the crypto market is not 100% ‘Hack Proof’. A newly-launched token trading platform, DX.Exchange is also not fully secured as a big security weakness has been found out.
The exchange platform was introduced earlier this week. It received a considerable exposure across the entire financial news arena. The security issues were found out by an online trader who was going through the platform’s security hygiene. The trader figured out that the exchange could be “criminalized super-easy.” Here, the trader has kept his identity hidden for legal reasons, while he reveals that the platform was leaking some sensitive legal and financial data.
In detail, the trader heard about the new exchange’s launch and decided to have a ‘trial’ to find out if it’s something he would like to use. He used a dummy account to check the toughness and security of the exchange. He then used the developer tool through the Google Chrome browser. Here, the anonymous trader further explored and discovered shocking details, as the request sent from his browser to Dx.Exchange had information about the authenticated token and the user’s details to access the account along with password-reset links.
He shockingly unveiled, “I have about 100 collected tokens over 30 minutes. If you wanted to criminalize this, it would be super easy.” He explained that it is easy for skilled individuals to see the full names and email addresses of DX.Exchange users to whom the tokens belong to.
The platform security was weak to the extent that the trader claims that he can even successfully keep the access to any account, even after the users have logged out. However, the bad news doesn’t end here. The whole system seems to be on risk as some of the leaked tokens belonging to the exchange’s employees also. This shows the level of danger due to lack of robustness of the system.
On this major issue, the exchange responded as the trader informed DX.Exchange regarding this. The exchange affirmed through the Tweet:
WE SCHEDULED FOR TODAY AT 11:00 AM (ESTONIA TIME ZONE) A MAINTENANCE UPDATE TO IMPROVE OUR PLATFORM FUNCTIONALITY AND PERFORM SEVERAL BUG FIXES AND UPDATES. THE PLATFORM WILL COME BACK FULLY FUNCTIONAL AFTER FEW MINUTES. THANK YOU FOR YOUR PATIENCE
— DX.Exchange (@DXdotExchange) January 9, 2019
DX.Exchange was launched on Jan 7 and is intending to bridge the gap between cryptocurrencies and real-world stocks. The exchange offers digitized versions of Apple, Facebook and Apple stocks along with some of the most significant cryptocurrencies.