By Du Jun
Huobi Group Co-founder
In the latest large-scale attack that rocked the crypto industry, more than 9,000 Solana software wallets were hacked and drained of their tokens, to the tune of over US$6 million. Investigations have shown that the root cause lies in users’ wallet software whose private keys were compromised, rather than a bug with the Solana core code.
As a crypto exchange that puts our users’ asset security as our highest priority, Huobi Global has been tracking the developments of the Solana wallet hack with concern. While none of our user assets were compromised in this attack, it nevertheless raises questions about how an incident of this magnitude could be allowed to take place, and how crypto platforms and their users can better protect themselves.
More answers will likely be forthcoming in the days ahead, as developers and security experts across the crypto ecosystems complete their investigations and release their findings. In the interim, there are three key lessons that stand out from this unfortunate episode, which are worth investors paying heed to.
1. Hackers don’t stop regardless of market conditions
It may be tempting to be lulled into a false sense of complacency amidst the current crypto winter, as things naturally get quieter with the market downturn. However, this doesn’t apply to hackers and other bad actors who are constantly on the lookout to exploit security loopholes. For example, they may take advantage of the slower market to steal digital assets from owners who may not be checking their trading accounts as often as before.
The key is to never let your guard down when it involves the safety of your crypto assets, and do not let market conditions influence your level of vigilance.
2. Find out how your crypto assets are kept safe
Every crypto platform claims to be focused on security, but the proof is in the pudding in terms of the actual security measures it has in place. Most organizations that have invested in a robust security system would have incurred significant costs and time in doing so, and would be happy to talk about it to better differentiate themselves from the competition.
Therefore, the absence of information about a platform’s security on its website and other reliable sources should raise a red flag, and you should start asking questions on how it keeps your assets safe.
As a market leader, Huobi Global believes in the value of periodically highlighting our security-related capabilities through avenues such as this article. This is not just to reassure users, but also to lift the level of security awareness in the industry, for the benefit of all crypto investors.
3. Go with a centralized exchange
In the wake of the Solana wallet hack, some security experts have recommended affected users to switch to hardware wallets. While the latter do offer enhanced security, they are not without their drawbacks in terms of cost and learning curve. As such, they may not be a feasible solution for everyone.
An alternative solution – and a time-tested one – is to choose reputable centralized exchanges such as Huobi Global, which were not affected in the attack. We have a team of highly experienced professionals in blockchain and wallet security, APT intrusion countermeasures, and user asset protection; they are responsible for building and strengthening our industry-leading security system.
Since Huobi Global’s inception nine years ago, we have not recorded a single major security incident which led to the loss of user funds – a track record that remains unmatched in the industry. This gives users peace of mind that we have their back, as far as their asset security is concerned.