Unocoin, an industry leader among India’s bitcoin exchanges, went offline on Monday night following the discovery of a serious security vulnerability.
The Vulnerabilities Have Surfaced Just Weeks After a Unocoin Customer’s Account Was Hacked
Major Indian bitcoin exchange, Unocoin, went offline late Monday night following the discovering of a significant security flaw. Unocoin CEO and co-founder, Sathvik Vishwanath, is anticipating that Unocoin will return to regular operations by the “end of day Tuesday”. “We identified that there was an issue with the way the files were being stored and are resolving that part. We are also moving the servers to a more secure location,” Vishwanath told the Economic Times India in a recent interview.
The company has stressed that all customer funds are safe, but has mandated that users change passwords upon logging into their accounts. Technical specifications pertaining to the security vulnerability and its discovery have not been publicly disclosed.
The vulnerabilities have surfaced just weeks after a data scientist from Bengaluru had his Unocoin account hacked. The hacking victim, who concealed his identity, reported that upon logging into his account, he immediately received an email with a link for a password reset, and then an email confirming that his password had been changed.
Many Are Speculating That the Discovered Vulnerabilities May Have Been Linked to the Customer’s Account Getting Hacked
Upon realizing that his account was being hacked, the individual then became aware that two transactions had been initiated moving approximately 0.3 and 0.4 bitcoin from his account. The data scientist quickly sent an email to Unocoin, before driving to their local Bengaluru headquarters. Unocoin was able to lock his account and prevent a third unauthorized transaction from occurring, but unfortunately had already processed the first two transactions.
Many within the cryptocurrency community are speculating that the vulnerabilities discovered by Unocoin may have been exploited by those who hacked the data scientist’s account, although Unocoin has not made a statement addressing said speculation.
Unocoin has seen an increase in transactions, account verification requests and customer support queries following the increased media exposure of bitcoin heading into June. Along with the increase in customer base, Unocoin has also seen an increase in reported wallet hacks – with the company claiming that it saw nine cases last month, more than double the monthly average of just 3 or 4. As a precautionary measure, the company has temporarily reduced its automatic transaction approval threshold to 0.1btc, as opposed to the normal limit at 0.5btc.