The largest Bitcoin derivatives exchange BitMEX reported an increase in attempts to obtain unauthorized access to user accounts and reminded about the precautions when working with the trading platform.
Representatives of the company came to the conclusion that lately attacks have not only been occurring more often – tactics of intruders have become more complicated and sophisticated. For example, before withdrawing funds, attackers can transfer them between different accounts they control. In addition, after gaining access to someone else’s account, attackers can disable email notifications and also activate two-factor authentication (2FA) in order to create an API key with permission to withdraw funds.
In response to the increased intensity of attacks, BitMEX decided to increase security measures. In particular, now users will always receive email notifications about logging in to their account, which cannot be disabled. In addition, the withdrawal will always need to be confirmed by email. Also, the exchange is thinking about making 2FA mandatory for all users.
BitMEX recalled that users should use strong and unique passwords, include all 2FA accounts, and add support email address to avoid important notifications in the spam folder of the mailbox.
According to the company, BitMEX has always been serious about security issues and one of the first among the trading platforms began to use cold wallets with multi-signatures for safekeeping of user funds. Also, developers are constantly reviewing security protocols and working to improve their standards.