The Bitcoin bandwagon has stalled. The value of the cryptocurrency skyrocketed in 2013, but a downward trend is being witnessed this year. Investors and traders wishing to see Bitcoins in the mainstream e-commerce scene will probably have to wait a little longer.
Besides the glaring lack of regulation and worrying price volatility, cybercriminal activity has put a huge dent in the digital currency’s credentials. The hacking techniques are not new, nor are the vulnerabilities found in the Bitcoin exchanges.
More and more Bitcoin exchanges are being exploited with the help of malware and common phishing techniques. Coinbase and Flexcoin are just two of many Bitcoin platforms that have fallen prey to hackers and fraudsters.
The Mt.Gox raid earlier this year has had a devastating effect on the market. The Japanese exchange, which has now filed for bankruptcy, fell prey to a Trojan (MtGox2014Leak.zip) that simply harvested data from the database. More than half a million Bitcoins were allegedly stolen. The exchange is now back online, albeit only for account balance checking.
Another exploit was reported by the popular cryptocurrency exchange Poloniex. This was a typical DDoS attack. The cybercriminals flooded the servers with withdrawal requests, which led to the freezing of the website. This could have been avoided by handling requests sequentially, but Poloniex unfortunately had a simultaneous protocol in place.
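The following is an added example, not code from the original post or from Poloniex. It shows why handling withdrawal requests one at a time matters, assuming a handler that reads a balance and then debits it as two separate steps. All names are hypothetical, and the requests are modelled as generators so the interleaving is deterministic.

```python
# Added illustration: each request is split into steps so that a scheduler
# can interleave them (simultaneous handling) or run them one by one.
# withdraw_steps, run_interleaved, run_sequential and simulate are hypothetical.

def withdraw_steps(account, amount, log):
    """One withdrawal request: read the balance, then act on that read."""
    balance_seen = account["balance"]      # step 1: check
    yield                                  # another request may run here
    if balance_seen >= amount:             # step 2: decide on a possibly stale read
        account["balance"] -= amount
        log.append(("paid", amount))
    else:
        log.append(("rejected", amount))

def run_interleaved(requests):
    """Simultaneous handling: advance every pending request one step per round."""
    pending = list(requests)
    while pending:
        still_running = []
        for req in pending:
            try:
                next(req)
                still_running.append(req)
            except StopIteration:
                pass
        pending = still_running

def run_sequential(requests):
    """Sequential handling: finish one request completely before the next starts."""
    for req in requests:
        for _ in req:
            pass

def simulate(scheduler, start_balance=100, amount=100, n_requests=5):
    """Return (final_balance, total_paid_out) for a constructed burst of requests."""
    account = {"balance": start_balance}
    log = []
    scheduler([withdraw_steps(account, amount, log) for _ in range(n_requests)])
    paid = sum(a for status, a in log if status == "paid")
    return account["balance"], paid

if __name__ == "__main__":
    print("simultaneous:", simulate(run_interleaved))
    print("sequential:  ", simulate(run_sequential))
```

In a real service the sequential behaviour is usually obtained with a per-account lock, a queue, or a database transaction that makes the check and the debit one atomic operation.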
These are not the only instances of Bitcoin raids. In addition to website and platform contamination, more “traditional” phishing techniques are also being applied by fraudsters. While users can exercise caution and use only secure HTTPS pages, the only way to really ensure transaction safety is to make sure the commerce platforms and websites are secure.
How can Bitcoin and other e-commerce websites be secured?
Hackers thrive on the vulnerabilities in the coding of websites and platforms. The best way to keep them at bay is to implement effective security tools. CISOs and information security officials have a wide range of solutions to choose from, including DAST, SAST and also pen testing, which is a great way to test the resistance of completed products.
Source Code Analysis (SCA) and other SAST solutions help locate loopholes early in the development process. This secure SDLC is crucial as the product can be released fast, with minimal wastage of time and money. Locating vulnerabilities in completed products is usually more complicated and resource-demanding.