Issue 135: Millions stolen from cryptoexchanges through APIs

This week, we take a look at how cybercriminals exploit leaked API keys to steal millions of dollars from cryptoexchanges. We also cover the recent API vulnerabilities in Rocket.Chat, the upcoming change to the Let’s Encrypt root certificate and its impact on APIs, and another video on common GraphQL API vulnerabilities.


Vulnerability: API keys and cryptoexchanges


Researchers from CyberNews found how cybercriminals locate and exploit API keys from cryptocurrency exchanges to steal millions of dollars.


Many users take advantage of various applications to make their cryptocurrency trades easier. To give these applications access to their cryptocurrency account, users give the apps their private API keys for the cryptoexchange.


Unfortunately, many applications (and users) do a poor job keeping these API keys safe. Some applications put them in unprotected environment variable files, or the keys end up in public GitHub repositories or S3 buckets. The API keys that researchers found in various public locations at the time of their research provided access to wallets with a total value of over a million dollars.
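As an added example (not from CyberNews or the original newsletter), here is a pre-commit style check a defender could run over `.env` files to catch exchange credentials before they reach a public repository. The variable-name pattern and the length and entropy thresholds are assumptions, and the sample keys are constructed.

```python
import math
import re
from collections import Counter

# Assumed heuristic: variable names that suggest an exchange credential.
NAME_RE = re.compile(r"(API|SECRET|ACCESS)[_-]?(KEY|SECRET|TOKEN)", re.I)
ASSIGN_RE = re.compile(r"""^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*["']?([^"'#\s]*)["']?""")
PLACEHOLDER_RE = re.compile(r"^(|changeme|your[_-].*|x+|<.*>|\$\{.*\})$", re.I)


def shannon_entropy(value: str) -> float:
    """Bits of entropy per character; random keys score well above words."""
    counts = Counter(value)
    return -sum(c / len(value) * math.log2(c / len(value)) for c in counts.values())


def scan_env_text(text: str, min_len: int = 20, min_entropy: float = 3.5):
    """Return (line_no, variable) for assignments that look like live keys."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue
        m = ASSIGN_RE.match(line)
        if not m:
            continue
        name, value = m.groups()
        if not NAME_RE.search(name) or PLACEHOLDER_RE.match(value):
            continue
        if len(value) >= min_len and shannon_entropy(value) >= min_entropy:
            findings.append((line_no, name))  # never echo the secret itself
    return findings


# Constructed sample .env content; the key values are made up.
SAMPLE_ENV = """\
# trading bot settings
EXCHANGE_API_KEY=q7Zp2LmX9vB4tRk8WdY1sHc6NfJ3gAe5
EXCHANGE_API_SECRET="Uw3Kz8Qe1Rt6Yp0Lm5Nb2Vc7Xs4Df9Gh"
BACKUP_API_KEY=your_api_key_here
LOG_LEVEL=debug
export OTHER_ACCESS_TOKEN=aaaaaaaaaaaaaaaaaaaaaaaa
"""

if __name__ == "__main__":
    for line_no, name in scan_env_text(SAMPLE_ENV):
        print(f".env:{line_no}: {name} looks like a real credential")
```

Only the line number and variable name are reported, so the scanner's own output does not become another place where the key leaks.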


For security reasons, cryptoexchanges typically limit API key permissions. By default, the keys give access to data and trading operations, but not the permission to withdraw money or transfer it to another wallet.


However, ingenious as ever, cybercriminals have worked around that limitation. Instead of transferring the money out of an account directly, they use bots and controlled trade middlemen to manipulate the market and then use the trade permissions on the leaked or stolen API keys to place massive simultaneous buy or sell orders on the cryptoexchange. These cause spikes and drops in the value of ..
