Protecting the privacy and security of cryptocurrency users has perhaps never been more crucial. As Bitcoin skyrocketed to over $11,000 earlier this week, the industry is likely to fall victim to an array of cyber attacks.
So far, the industry has experienced fraudulent apps which gathered the credentials or private keys of victims. However, new research from the cybersecurity company, High-Tech Bridge, suggests that an alarming number of available cryptocurrency-related apps are simply not equipped to protect their users’ privacy, let alone defend against hackers.
Using the mobile app security software, Mobile X-Ray, researchers confirmed that a large number of apps fell short when it came to their security measures. The researchers chose 30 apps at various levels of popularity based on how many downloads the app had. Researchers targeted apps with up to 100,000 downloads, 500,000 downloads, and more than 500,000 downloads. In total, 90 apps were analyzed.
In the 500,000+ download category, over 94% of apps used older, inefficient encryption techniques, while another 66% failed to encrypt its user data with HTTPS. In addition, 44% of apps in this category stored passwords in plain text. Overall, researchers concluded that 94% of apps in the most popular category had a minimum of three security flaws that were considered medium-risk.
Ilia Kolochenko, CEO of High-Tech Bridge, noted that the tested apps include wallet apps, price tracking apps, and exchange platform apps. If the flaws of these popular apps were exploited, the effect could be damaging to the cryptocurrency industry and its users.
Kolochenko noted that apps that do not implement proper encryption expose the user and the app to an array of possible threats and attacks. Most of the tested apps demonstrated no encryption function. This means that once a user connects to a public Wi-Fi spot, a dedicated hacker could steal their information, login credentials, infiltrate the user’s wallet, and even manipulate the app’s traffic.
Price tracking apps also carry a significant risk. According to Kolochenko, a hacker could easily dupe the app in its volume, which could impact the market behavior and price. In a volatile cryptocurrency market, which is often influenced by so-called whales, this attacks could have severely damaging ramifications.
What’s more, hackers could also choose to create false information on apps, such as the trading price. Once sensitive information like this becomes compromised, it can lead to price-dumps en-masse.
Granted, any hacker who can attempt this level of skill would be hard to come by. Then again, Bitcoin is more lucrative than ever before. There is no lack of incentive, meaning our last safety resort is in that of the apps we use. Unless the security issues are quickly addressed, users could face massively damaging attacks in the future.
So far, the industry has experienced fraudulent apps which gathered the credentials or private keys of victims. However, new research from the cybersecurity company, High-Tech Bridge, suggests that an alarming number of available cryptocurrency-related apps are simply not equipped to protect their users’ privacy, let alone defend against hackers.
Using the mobile app security software, Mobile X-Ray, researchers confirmed that a large number of apps fell short when it came to their security measures. The researchers chose 30 apps at various levels of popularity based on how many downloads the app had. Researchers targeted apps with up to 100,000 downloads, 500,000 downloads, and more than 500,000 downloads. In total, 90 apps were analyzed.
In the 500,000+ download category, over 94% of apps used older, inefficient encryption techniques, while another 66% failed to encrypt its user data with HTTPS. In addition, 44% of apps in this category stored passwords in plain text. Overall, researchers concluded that 94% of apps in the most popular category had a minimum of three security flaws that were considered medium-risk.
Ilia Kolochenko, CEO of High-Tech Bridge, noted that the tested apps include wallet apps, price tracking apps, and exchange platform apps. If the flaws of these popular apps were exploited, the effect could be damaging to the cryptocurrency industry and its users.
Kolochenko noted that apps that do not implement proper encryption expose the user and the app to an array of possible threats and attacks. Most of the tested apps demonstrated no encryption function. This means that once a user connects to a public Wi-Fi spot, a dedicated hacker could steal their information, login credentials, infiltrate the user’s wallet, and even manipulate the app’s traffic.
Price tracking apps also carry a significant risk. According to Kolochenko, a hacker could easily dupe the app in its volume, which could impact the market behavior and price. In a volatile cryptocurrency market, which is often influenced by so-called whales, this attacks could have severely damaging ramifications.
What’s more, hackers could also choose to create false information on apps, such as the trading price. Once sensitive information like this becomes compromised, it can lead to price-dumps en-masse.
Granted, any hacker who can attempt this level of skill would be hard to come by. Then again, Bitcoin is more lucrative than ever before. There is no lack of incentive, meaning our last safety resort is in that of the apps we use. Unless the security issues are quickly addressed, users could face massively damaging attacks in the future.