Gate.io is listed among the top 10 crypto exchanges according to CoinMarketCap. Since its founding in 2013, the company has remained committed to making the safety and security of its users its top priority, which requires strong safety measures to protect its traders from hackers and fraudsters.
Cookie data can be used for session hijacking or donation. Session hijacking is when an attacker can impersonate a victim inside an app. Session donation is when an attacker tricks the victim into performing actions inside the attacker’s account. For more cookie exploits, check out this source.
Stealing data from account information could include things like names, addresses, and finances.
Impersonating the account owner could have led to stealing the funds.
Code Injection into Server
A hacker could inject a malicious script into the company server. The attacker could do it remotely by using the /script command on Java.
Remote code execution is one of the most critical issues because it can compromise server data.
Gain access to other databases using lateral movement
Sell the server data to competitors
Ransom the server data and blackmail the company to pay for the silence
Publish the server data on public resources
Once these vulnerabilities were identified, the Gate.io team expedited addressing them as quickly as possible to ensure the platform remains secure and users are protected from potentially malicious actors.
The company remains steadfast in its commitment to a safe and secure trading environment on its different platforms:
HackenProof is a bug bounty platform for crypto exchanges. The platform connects crypto exchanges with ethical hackers.
Once whitehat hackers identify the exchange’s vulnerabilities, they deliver a report to the exchange.
Most of the reports are raw and need to be verified. For this reason, the HackenProof triage team takes on this responsibility and saves time for the exchanges. Then, the exchange developers fix these vulnerabilities.
Soul Society, a Web3 social service and our latest client, has recently embraced the innovative concept of Growth-Type Soul-Bound Tokens (SBTs). These tokens are a unique blend of technology and user engagement, allowing people to participate in various activities and acquire rewards and SBTs that define their digital identities. Each user can own multiple SBTs,