Huobi, a popular cryptocurrency exchange, has recently fixed a serious security issue that could have potentially exposed users’ assets for a long time.
According to cybersecurity expert Aaron Phillips, Huobi unintentionally made a mistake by sharing a file that included important Amazon Web Services (AWS) credentials in June 2021. This mistake led to the exposure of contact and account details of around 4,960 individuals known as “crypto whales,” as well as some internal documents.
According to Aaron Phillips, if an attacker had taken advantage of the data breach, it could have potentially resulted in the biggest crypto theft ever recorded.
Phillips explained in his blog post that the leaked credentials could have been used to manipulate content on several Huobi domains, such as huobi.com and hbfile.net. This level of access would have given him complete control over various aspects of Huobi’s operations.
Phillips informed Huobi about the leak in June 2022, but it took five months for the exchange to respond and address the issue. Finally, in June 2023, Huobi revoked the leaked credentials.
The most concerning part of the breach was the unauthorized access to write privileges, which allowed the attacker to manipulate Huobi’s content delivery networks (CDNs) and websites.
When an attacker gains the ability to write to a content delivery network (CDN), it becomes easy to insert harmful scripts. This puts all the websites connected to that CDN at risk of being compromised.
Huobi took action by deleting the compromised account on June 20, ensuring the security of its cold storage.
According to Phillips, the leak at Huobi also made a database of over-the-counter (OTC) trades since 2017 accessible. This database contained information about user accounts, transaction details, and the IP addresses of traders. The entire database was stored in a 2TB file that could be downloaded.
Furthermore, the breach provided insights into how Huobi’s production infrastructure operates and allowed access to modify JSON files related to the company’s NFT project called Utopo.
Huobi Downplays the Severity of the Breach:
Huobi stated on June 1 that the OTC data breach mentioned by Phillips was actually “test data” and not real user information. The leaked data only affected around 4,000 users.
Huobi’s updated response stated: The OTC data mentioned in the article is not real transaction data, but test data; user information leaks only involve 4,000 users; the log shows that only white hat has downloaded, and white hat has also stated that he has deleted. Therefore no…
— Wu Blockchain (@WuBlockchain) July 1, 2023
According to Huobi’s explanation of the incident, the data breach happened because of mistakes made by staff members who were working with the S3 bucket in the testing environment of the Huobi Japanese AWS site. The user information involved in the breach was completely secured and separated from other data on October 8, 2022.
The exchange also stated that the leaked information does not include sensitive data and does not impact the security of user accounts and funds.
Important: Please note that this article is only meant to provide information and should not be taken as legal, tax, investment, financial, or any other type of advice.
Follow Cryptos Headlines on Google News
Join Cryptos Headlines Community
Author
