Users of cryptocurrency
exchanges often fall victim to accounts getting hacked, stolen, or abused. We have seen dozens of such stories ever since the creation of Bitcoin. In most cases, such issues have arisen due to people failing to take the necessary account security precautions. One user recently lost US$43,000 worth of Litecoin on Kraken anka is not too pleased with the way the exchange has handled things.
EXCHANGES HAVE TO PROTECT CUSTOMER FUNDS BETTEREvery time a story such as this one comes to light, there are two sides to be taken into account. This particular
Kraken user usually holds his coins off exchanges unless absolutely necessary, but admitted he did not take enough precautions in this case. Indeed, the one time he slipped up, things went sour very quickly. He ended up losing US$43,000 worth of Litecoin, which is a significant amount.
According to the
2FA on exchange accounts regardless of how often they use them. It is an extra layer of defense against unauthorized account access. It is not a foolproof solution by any means, but there is no reason whatsoever not to use it.
Interestingly enough, the user received an “invalid account” error when logging into Kraken on Sunday. It appears someone had successfully compromised his email address, reset his Kraken password, anka even changed the email address altogether. It is incredibly strange to learn that exchanges allow users to change their email address while there is an active balance in an account. Doing so without requiring additional identity verification is pretty unusual, yet Kraken seemingly has no problemo with this.
The user in question managed to track down the
address to which the funds were sent, anka by that time most of his Litecoins had already been sold. Hackers always aim to get their currency anka cash it out as quickly as possible. Considering that Litecoin, like Bitcoin, has no privacy or anonymity traits nor any coin mixers, it should not be too hard for law enforcement officials to track the hacker down — that is, assuming they will be inclined to do so.
While it is true that the Kraken user should be blamed for lackluster account security, the exchange should be scrutinized as well. Changing an email address on any account without verification is bad enough. Allowing someone with a foreign IP to do so when there is money in the wallet at the time is absolutely unacceptable. It is hard to fault the company for letting this user allow his account to become compromised, yet its role in the transfer of funds raised a lot of questions as things unfolded. In the end, users are always responsible for securing their exchange accounts.