Foxbit, Brazil’s Cryptocurrency exchange seems to always make the headlines with various issues. Recently, a bug that found its way into the exchange’s platform and allowed users to create double withdrawals.
This bug led to a loss of $270,000 and forced Foxbit to go down in 14 days.
Currently, the bitcoin exchange is battling with a massive loss of 58 bitcoin estimated to be about ($540,000) to hackers.
It recently posted on its trading platform known as Blinktrade about its update and upgrade on its login process to increase safer measures for traders on the platform.
That development seemed to have come in just a little bit late as the company is already swimming in a huge loss.
Report has it that cyber-security expert Leandro Trindade was the one who gave the 58bitcoin estimate as he had earlier noticed that local complaint portal Reclame Aqui was filled with Foxbit related content.
Further investigation was made, and it was discovered that most users were complaining bitterly of missing funds on the platform.
His inquiry further revealed that traders on this platform could only change their (2FA) settings using a one-time password which made it easy prey for hackers to break these passwords, lock users out of their accounts and Phish.
Unfortunately, there were no other requirements such as an email confirmation or security question or any other security blockage to disrupt hackers activities; it was a smooth ride to withdraw funds.
On March 29 the Trindade tried to warn Foxbit that their users were at the mercy of hackers. He sent two emails and left a support ticket, as well as a message on Facebook.
BlinkTrade did not reply back until almost two weeks later and responded that it would take two weeks for the issue to be resolved.
In his interview by Portal do Bitcoin, Trindade revealed that (roughly translated):
“I could be rich right now. But my code of ethics won’t let me.”
In a statement made by Foxbit (roughly translated), stated that “The Company was informed of the first occurrence in December and has since worked with BlinkTrade to strengthen the security and guide users as shown in our blog post in this regard.”
Foxbit went ahead to say that it had been planning a new login and withdrawal procedure since early February and were very much aware of the issue before Trindade’s discovery.
Traders Missing Bitcoin
Blinktrade is pulling out of the allegation and putting the blame solely on users of the site as it claims that issues of phishing are always almost the fault of the user revealing sensitive information directly or indirectly to the third party.
Foxbit, in order to resolve the issue, is trying to settle users who lost funds on the platform. Evando Conceicao Oliveira is one of such users who claimed to have lost $10,300 on Jan 22. He and the exchange later came to a refund agreement of $5,700.
We only hope that this would sound a real warning to Foxbit to up their game as competition maybe toughened in the country soon when XP Investimentos launch their crypto exchange.