Huobi, one of the world’s largest cryptocurrency exchanges, found and fixed a security flaw that gave permissions to access its cloud storage. The credentials were out in the open for more than two years.
According to white hat hacker and journalist Aaron Phillips, the Amazon Web Services servers that were at risk hosted Huobi’s websites, as well as its CDN (Content Delivery Network).
There was information about its users and internal documentation that could have been leaked because of the bug.
In fact, according to the author of the report, if a hacker had detected Huobi’s security flaw before it was fixed, “he would have had the opportunity to carry out the largest cryptocurrency theft in history.” That’s because the blunder would have allowed him to steal both the accounts and assets of Huobi users.
Although Huobi removed the account exposed in the described security breach, the company still did not delete the file and the credentials can still be downloaded.
Fortunately for the company and its users, no one warned about this leak, which had been online since June 2021. It should be noted that there are no longer any security risks for users of the exchange, although there are privacy risks because of the data that has already been revealed.
Huobi, an exchange where millions are traded
Huobi, a Chinese cryptocurrency exchange founded in 2013, ranks among the top 15 exchanges with the highest daily trading volume in the world, with more than USD 390 million in the 24 hours prior to the writing of this article. For reference, Kraken, the third in this global ranking, trades more than USD 551 million every day.
In recounting how he came across this find, Aaron Phillips said, “As part of my effort to look through open Amazon Web Services (AWS) S3 buckets, I found a sensitive file containing AWS credentials. After some investigation, I discovered that the credentials were active and that the account belonged to Huobi.”
Huobi faced some problems in early 2023, following a wave of layoffs at the company. With the memory of the FTX exchange still fresh in the minds of many, rumors sparked a drop in the price of Huobi’s token.
However, the company, which counts renowned entrepreneur and Tron founder Justin Sun on its board of directors, seems to have weathered the storm.
READ NEXT
- Crypto Bulls Anticipate SEC’s Green Light for Bitcoin ETF, Fueling Price Surge and Altcoin Rally
- Russia’s Sberbank Readies Retail Investors for Digital Currency Trading, Overcoming Regulatory Hurdles
- SEC Rejects BlackRock and Fidelity’s Bitcoin ETF Applications, Sending Bitcoin Price into a Tailspin
- How to Buy VPN With Bitcoin Using CyberGhost VPN
- Near Protocol (NEAR) Surges 10% as Alibaba Partnership Sparks Investor Excitement
Previous Articles:
- Crypto Bulls Anticipate SEC’s Green Light for Bitcoin ETF, Fueling Price Surge and Altcoin Rally
- Equithy Review – Don’t Limit Your Trading Career to an Average Level
- ZuluTrade Review – A Platform that Takes Copy Trading to New Heights
- Russia’s Sberbank Readies Retail Investors for Digital Currency Trading, Overcoming Regulatory Hurdles
- SEC Rejects BlackRock and Fidelity’s Bitcoin ETF Applications, Sending Bitcoin Price into a Tailspin
