• Skip to primary navigation
  • Skip to main content
S2 Grupo

Spanish Company Specialized in Cybersecurity

  • Company
    • About Us
    • Governing Bodies
    • CSR
    • Awards and Acknowledgments
  • Specialization
    • OT Industry
    • IT
    • OT Health
  • Solutions
  • R&D+I
  • Talent
  • News & Publications
  • Contact
  • facebook
  • twitter
  • instagram
  • linkedin
|
en arrow down
  • es
© 2023 S2 Grupo
Corporate

The theft of more than 40 million bitcoins highlights the cyber danger to which digital assets are exposed

_
11 May 2019

 

  • Criptonics, S2 Grupo’s spin-off, has pointed out that the cyber-attack suffered by Binance 2 days ago highlights the high risks of cybersecurity that threaten blockchain technology.
  • Digital assets are a current target for cybercriminals and there are even specialized groups with high resources that focus on exploiting any vulnerability of blockchain applications.

Valencia, May 10, 2019.- This week one of the most important exchanges of cryptocurrencies, Binance, has suffered a cyberattack whose consequences have been the theft of more than 40 million euros in cryptocurrencies. In relation to this incident, Miguel A. Juan, managing-partner of S2 Grupo has stated that "we are living in a moment in which we are already used to cybersecurity attacks and robberies in the world of digital assets. However, this incident that has affected Binance highlights the concerns that cybersecurity experts have been announcing for some time." "This matter is really shocking. Binance is known as one of the most professional companies in the cryptocurrency sector and has a very good reputation for seriousness and reliability. However, on May 7 it suffered the theft of 7,000 bitcoin worth more than 40,000 million euros from a single account. This shows more than ever the high risks of lack of cybersecurity also in the field of the blockchain", highlighted José Rosell, managing-partner of S2 Grupo. Although the exact details are not yet available, cybersecurity experts in blockchain of the Spanish company Cryptonics, spin off of S2 Grupo, indicate that a series of clear conclusions are drawn from this fact. First, the attack seems to have been carried out in a premeditated and professional manner. According to initial indications, social engineering techniques and propagation have been used to obtain credentials to a private key belonging to a company's own bitcoin account. Subsequently, the funds have been withdrawn and during the last two days those funds have been moved in small amounts to different accounts to dilute the traceability of the stolen assets. In this way, the Cryptonics team affirms that the incident highlights the danger associated with the digitization of assets. "Digital assets on blockchain are an important automation tool. The mathematics and cryptography that protect those assets work perfectly. However, companies fail in the infrastructures they build around, both in software, as well as in the protection and training of their own employees and other users. In almost all incidents recorded, you can see that there are fundamental programming errors or human errors in the company ", explained Stefan Beyer, general manager of the firm. Cryptonics specializes in auditing blockchain systems and building secure decentralized applications. "In the case of the use of cryptocurrencies, there is the idea of ​​returning control over assets to the user and removing it from banks. However, what the user does not realize is that the exchanges are really unregulated, less secure banks and probably located in another part of the world. Storing digital assets in the custody of a trusted third party in this way eliminates all the advantages of cryptocurrencies and increases the risk substantially ", said Beyer. In addition, it has been indicated that the applications of blockchain technology, beyond cryptocurrencies, such as smart contracts, share the same cybersecurity problems. In general, digitized assets are at greater risk, because they represent a very attractive target for cybercriminals. In fact, there are specialized groups with many resources that focus on exploiting any vulnerability of blockchain applications. "Vulnerabilities can occur in many ways. On the one hand, there may be errors in a smart contract or a bad configuration of a server. On the other hand, the failure may be in the company's security policy that enables attackers to obtain credentials from key employees or the employees themselves to steal the assets. Therefore, it is necessary to have cybersecurity experts to audit the entire system", says Stefan Beyer. Along with this, Cryptonics has indicated that beyond implementing preventive measures, companies should have contingency plans in case of suffering an alleged incident. In the specific case of Binance, it seems that the company "did its homework" in this sense and had prepared an emergency fund to absorb losses of this type. In other cases, this has not been the case and the most affected were the users of the platform.   More information: prensa@s2grupo.es

  • fb
  • tw
  • in
Related Articles
Show all →
Corporate
More than 57% of video game console users are unaware that these can be hacked
Read more →
Corporate
7 out of 10 Spaniards believe that “fake news” can alter election results
Read more →
Corporate
The National Cryptological Center and S2 Grupo create the first cybersecurity “vaccine”
Read more →

Follow us in our newsletter

Subscribe through your email to stay up to date

S2 Grupo
© 2023 S2 Grupo
  • Press Center
  • Legal Disclaimer
  • Privacy Policy
  • Cookie policy
S2 Grupo utiliza cookies propias y de terceros para permitir tu navegación, fines analíticos y para mostrarte publicidad personalizada en base a un perfil elaborado a partir de tus hábitos de navegación (por ejemplo, páginas visitadas). Clica aquí para acceder a nuestra Política de Cookies. Puedes aceptar todas las cookies pulsando el botón “ACEPTAR” o configurar o rechazar su uso pulsando el Botón “CONFIGURAR”
ConfigurarAceptar cookies
Manage consent

Resumen de Privacidad

Este sitio web utiliza cookies para mejorar su experiencia mientras navega por el sitio web. De estas, las cookies que se clasifican como necesarias se almacenan en su navegador, ya que son esenciales para el funcionamiento de las funcionalidades básicas del sitio web. También utilizamos cookies de terceros que nos ayudan a analizar y comprender cómo utiliza este sitio web. Estas cookies se almacenarán en su navegador solo con su consentimiento. También tiene la opción de optar por no recibir estas cookies. Pero la exclusión voluntaria de algunas de estas cookies puede afectar su experiencia de navegación.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
pll_language1 yearThe pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Necessary
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
_GRECAPTCHA6 monthsThis cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-analytics1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional1 yearThe cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necesaria1 yearSet by the GDPR Cookie Consent plugin to store the user consent for cookies in the category "Necessary".
CookieLawInfoConsent1 yearRecords the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
SAVE & ACCEPT
Powered by CookieYes Logo