In a new ranking of cryptocurrency exchanges by the level of security they provide, the US-based crypto exchange Kraken comes out as number 1, judging from criteria like reliability of key storage, technical security, as well as how it handles user’s personal data. The ranking comes out just as news broke that hackers may have been able to hijack bitcoin transactions made on cryptocurrency exchange Gate.io.
The assessment tool that ranks exchanges by the security they offer was developed by cyber security firm Group-IB as a way to determine the appropriate insurance premiums for users who wish to insure their holdings on exchanges through a service known as CryptoIns.
As a result of Kraken’s high score, users of that platform received the lowest insurance premiums when they insure their crypto holdings. Following Kraken came the major crypto exchanges Bittrex and Coinbase Pro with the second lowest insurance premiums.
Chinese crypto exchanges OKEx and Huobi Pro, as well as Japanese exchange Coincheck, a victim to a major hack in January, were deemed to be among the riskiest exchanges to use, the ranking revealed.
In addition to technical aspects, the ranking looked at how the exchanges handled know-your-customer (KYC) and anti-money laundering (AML) procedures.
“This assessment focuses on open source data — white papers, information about founders, security policies. In some cases, with founders’ consent, the assessment includes penetration testing using social engineering methods aimed at the network compromise through the most vulnerable link at any organization— humans,” Group-IB wrote in an update on its website.
In a previous ranking of exchanges by rating agency ICORating, Kraken again stood out as one of the most secure exchanges, coming in at second place. On the first place was Coinbase Pro, while BitMex secured the number three spot. Other notable exchanges on the list were Binance on 17th place, HitBTC on 18th place, and Bitfinex on 54th place.
The new security ranking comes out just as news broke that hackers have successfully breached the website StatCounter.com and inserted malicious code in its site-tracking script.
According to Matthieu Faou, the malware researcher who first noticed the breach, hackers may have been able to hijack bitcoin transactions made on cryptocurrency exchange Gate.io, as reported by ZDNet on Tuesday.
Statcounter.com is a service similar to Google Analytics, and companies loads the now-breached site-tracking script to view their website analytics.
“We contacted [StatCounter], but they haven’t replied yet,” Faou told ZDNet.
However, it appears that Gate.io removed the StatCounter script from its website once it became aware of the breach, although no statement has been issued by the exchange.
“Gate.io doesn’t use StatCounter anymore, thus Gate.io customers should be safe now,” Faou confirmed. It remains unclear how many, if any, bitcoin was actually stolen before the breach was discovered.