Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
If you trade in cryptocurrency, your funds probably aren’t safe in a public exchange.
On June 19th, Bithumb, one of the largest cryptocurrency exchanges in Asia, changed their wallet system. They announced that they would temporarily suspend deposits while they changed wallets. Up until then, there were no known indications of cyber-attacks.
Twelve minutes after the wallet change, Bithumb made a shocking discovery. About $31 million USD worth of cryptocurrency was stolen! They paid all applicable accounts back the money that was stolen from them, but all of a sudden the company had a multi-million dollar loss and a cybersecurity incident to respond to.
The company tweeted:
[Notice for the suspension of all deposit and withdrawal service]
We checked that some of cryptocurrencies valued about $30,000,000 was stolen. Those stolen cryptocurrencies will be covered from Bithumb and all of assets are being transferring to cold wallet.
— Bithumb (@BithumbOfficial) June 20, 2018
Soon afterwards, the company deleted their tweet and retracted the statement. Weird. They may have been advised to take the statement back while they investigated the incident. But on June 21st, they acknowledged the cyber-attack publicly:
“After the incident occured on June 20, Bithumb quickly followed the procedure to immediately report [the] incident to KISA announcing that about 35 billion Korean Won worth amount of cryptocurrency was stolen. However, as we undergo recovery process on each cryptocurrency, the overall scale of damage is getting reduced. Hence, we expect that the overall damage will be less than the amount we initially expected.”
The Korean public sector has been assisting Bithumb with their incident response. They have been working with the Korean Ministry of Science and ICT’s Korea Internet & Security. Bithumb may be able to recover some of the stolen funds.
Once again, the company has assured investors who were affected by the attack that they will be fully compensated, no matter what.
“Bithumb has been administering company’s asset and customers’ asset, and all customers cryptocurrencies, as well as KRW asset, are safely stored on cold wallet and bank respectively. Moreover, we would like to ensure that Bithumb currently has about 500 billion KRW worth of company’s fund. The amount of damage that occured this time will be fully covered by Bithumb’s own company fund.”
If you invest in any cryptocurrencies, public exchanges may not be safe places to store your money. They generally aren’t as secure as conventional bank accounts of fiat currency.
Villanova University finance professor John Sedunov said, “Bitcoin and other cryptocurrencies have risen dramatically in popularity and value over the past few years. This fast run-up may have caught some exchanges off-guard, and they may not have had the capital on hand, time, or even the technical ability to ramp up security features fast enough to ward off potential attackers.”
“Cold” wallets are more difficult to attack than “hot” wallets. A “cold” wallet is a place to store cryptocurrency which is inaccessible to customers and also completely disconnected from the internet. A “hot” wallet is accessible to customers by being connected to the internet, which opens a major attack vector. Cryptocurrency money moves between “hot” and “cold” wallets all of the time.
It’s possible for you to maintain your own private “cold” wallet. Your “cold” wallet can be stored on an external hard disk or USB drive, which you should only have mounted to a computer that’s connected to the internet when you have to use it. Maybe the best approach is to put some of your cryptocurrency funds in your private “cold” wallet, and the rest in a “cold” wallet that belongs to an exchange. But you’ll need to check the exchange to see if they would transfer your “cold” wallet funds to a “hot” wallet, when and how. And even “cold” wallets aren’t completely safe from cyber-attack; they’re just generally much safer than “hot” wallets.
Or you could be like me, have no cryptocurrency, withdraw cash from your conventional fiat checking account, and store it in a fireproof safe that only you would have physical access to. But some people would think that I’m a bit eccentric.
It’s possible that during the June 19th wallet change, one of the wallets Bithumb handled contained malicious code that was the payload. More news may become public about this attack as more becomes known.
Bithumb’s a pretty big player in the world of cryptocurrency. It’s typical for them to trade over $200 million worth of funds in a day. As 2017 ended, Bithumb said that they had over a billion dollars’ worth of cryptocurrency holdings, and a net profit of about $300 million for the year. Uncle Scrooge would be proud.
Tags: Cyber Security
Reading Time: 3 minutes [Pull quote: In my experience, our customers really appreciate our team’s attention to detail and ability to listen. Here at Comodo, we value professionalism–but we’re also available and friendly.– Stephen Corsale, SVP of Customer Success and Professional Services at Comodo] One thing that’s unique about the cybersecurity industry is that a vendor is successful when…
Reading Time: 3 minutes With cybersecurity playing such an essential role in modern-day business culture, many companies are sourcing highly specialized personnel to help keep their organizations secure. While departmental structures vary from company to company, many would agree a dedicated Chief Information Security Officer (CISO) provides the best bang for buck when establishing sustainable security practices now and…
Reading Time: 3 minutes It can be hard to imagine a world in which an attempted hack attack occurs roughly every 39 seconds. But research shows that’s the world we live in. Some organizations stay in a permanent defensive crouch, running scans and madly installing security patches as needed. While those are good ways to prevent a cyber attack,…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats