On 29 May 18:00 (EDT), Kiwidex announces about a hack attack. The site has been tacked down, and the FUD starts via social media and in the platform Telegram group.
New York time, May 29, 18:00 kiwidex official website suffered hacking attack, the account assets are safe, users will not suffer losses, kiwidex technical department is fixing up, please do not worry. If you have any questions, please contact Telegram: https://t.co/yO7Va0r1JW
— KIWIDEX (@Kiwidex_) May 30, 2019
First of all, what is kiwidex?
Kiwidex is the world first decentralized exchange based on TRON that also supports handling trade on mobile, as they said. It is a platform with a complete secure mobile operating system and extensive network that matches buyers and sellers to complete transactions. All kinds of tokens in TRON ecology can be freely traded in the platform, with open trading dates and can be checked in real time. It focuses on providing the user a safe and easy-to-use user experience that could rival the one of a centralized exchange.
What about the hack story?
To be clear it wasn’t a “hack” which can hurt the platform’s traders, nor their funds. The attack over Kiwidex was an SSL attack, where there is no danger on the user’s funds (open orders), nor even the hackers have no access over the site/platform. Too simply, they have just attacked the ‘ HTTPS ‘. And Kiwidex platform has solved this problem in a short time with the hackers, and the site is under maintenance now (via Kiwidex team).
What is the SSL hack?
Secrecy os two-way street. Organizations use secure sockets layer (SSL) and transport layer security (TLS) to encrypt their internet communications. The encryption protocols are utilized to ensure privacy and ensure data integrity. Unfortunately, the encryption protocols secure all application data, whether it is legitimate or malicious.
Hackers are using the SSL/TLS protocols as a tool to obfuscate their attack payloads. A security device may be able to identify cross-site scripting or SQL injection attack in plaintext, but if the same attack is encrypted using SSL/TLS, the attack will go through unless it has been decrypted first for inspection.
Hackers have also been able to find vulnerabilities within the SSL/TLS protocol itself. As an internet protocol, SSL/TLS is vulnerable to bugs and exploits. Hackers have taken advantage of renegotiation flaws, the POODLE vulnerability, and Heartbleed to name a few.
Defending against your own security tool:
Organizations are in a quandary, having to use SSL/TLS technologies to protect their applications, but also needing tools to protect against the same protocols because the hackers are using them against the business.
Perimeter security defenses need to process SSL/TLS traffic and determine whether the connections are legitimate or part of a DDoS or application attack. Ideally, the system can manage the SSL/TLS traffic at a performance level that does not impact the network and application availability.
Because of the heavy resource requirements to manage encrypted SSL/TLS connections, the security solution must have a methodology to process and triage the connections. When necessary, the solution can offload the SSL/TLS connection to a high-performance encryption system that can perform a proper challenge/response to validate the SSL/TLS connection.
In addition, this encryption system can inspect and validate the content when necessary. The SSL inspection solution must be out-of-band to ensure that it does not become a bottleneck when the number of SSL connections increases.
DefenseSSL for inbound protection:
Inbound SSL inspection and mitigation solutions are an important and essential part of the perimeter DDoS mitigation and application security solutions. Over 50% of the traffic on the internet is encrypted today and the number is increasing.
Any proper perimeter network security solution providing DDoS mitigation and application security services needs to incorporate a robust and scalable SSL inspection solution. Scalability and resiliency are critical in the perimeter defense solution. Businesses have an obligation to protect against the threats to their networks and applications, even if the threats were installed by them.
The FUD starts when the SSL was under attack:
Most of the users and Tron community have taken this situation as a golden chance to say that Kiwidex is a scam, and finally, “they have exit scam”. But all the FUD disappear when the team goes online on the Telegram group, and clarify the current situation. Many users thought that Kiwidex has done this game to run away with the PKT deposited funds to participate in the upcoming IEO. And that was totally wrong.
We will share with you here, some of the FUD tweets about Kiwidex when it was under attack:
Indeed, all your funds are sent at this address : TC6S1jRiyRy54qGnzDPYPNzy8Q18Xn3WxU
— TronTokens Official (@trontokens) February 13, 2019
Too bad . You are still nothing more than a scam. Garbage comes to mind when I consider the people behind this dex. Still asking ransom to delist tokens I hear.
— David D'Aprile (@DavidJDAprile) May 30, 2019
We can conclude that Kiwidex was not really hacked. And the hackers are never able to steal a DEX funds via an SSL attack. And currently, Kiwidex Developers are working hard to solve this current situation.
Please note, that is not a bit of financial advice, nor the WhaleToBe team’s view.