Site icon Unocoin Blog

Security: an Update..

Dear Customers,

This is to address all your concerns around security and safety of your bitcoins and account information in lieu of the recent events that have happened with Unocoin. We completely understand the magnitude of the recent events and echo your sentiments on security. Through this I want to convey few facts to you and put things into perspective.

So far..

Yes, it is true that we have been constantly under consistent, coordinated and intense attacks by hackers across the globe since last 2 months. Any online system is prone to cyber attacks. DDoS, Vulnerability exploit and Identity theft are the popular ones and we shall write a blog post explaining these. Most of the times, it will not be the question of IF but it will be the question of WHEN. And when it comes to a bitcoin business like ours, the attack vectors are hundred fold as bitcoin is real money by itself. At Unocoin, it probably started in the third week of June just after we did the server infrastructure migration on 15th of June 2017 . Though the attacks aren’t new for us, the last 2 months had been different. The last couple months had been especially hard since the number of attacks and the intensity of attacks has increased exponentially as compared to before. We had successfully held the fort for the last 3.5 years without any breaches. Many times hackers have come close to breaching the hull but returned empty handed because of various security measures and cold storage practices we have in place. One such attack was in last week of June 2017 where we noticed something serious on our servers and immediately shut down the operations for almost a week in the interest of customers’ funds and their safety. Another attack was in August where there were some unauthorized transactions from few of the customers’ wallets. The magnitude of the damage was very minimal as our security protocols stopped the BTC withdrawals immediately after noticing a pattern. We stopped our operations for a day and Cancelled/refunded the BTC for all the unauthorized transactions created — since for us customers’ funds and their trust on us is of paramount importance and we shall never take it for granted at any cost.

Looks like the perpetrators / hackers have been working round the clock to look for vulnerabilities on our platform and try to breach the system for stealing customer funds. Now, they have now tricked our third party email support provider’s services and have resorted to sending email to our mailing list that reaches to many of our customers claiming that Unocoin has gone live with a ICO for expansions. We are working with the provider to figure out how it happened. We see this as a desperate attempt from them to steal customer funds.

Going forward..

We have been planning an overall system upgrade including IT infrastructure and system architecture along with having best in class user experience and have been hiring resources since last 3 months to implement the same. However the bitcoin adoption and its traction amongst our customers and the interest among our potential customers has been so high that that we have not been able to catch up with the trend as fast as we want to.

But rest assured, we have one of the best security experts on board, we are consulted by one of the best security auditors and also have listed our platform on hackerone (www.hackerone.com) — one of the best bug bounty platforms in the world to scan, analyze and fix the vulnerabilities we may have on our platform. Security is a continuous process and we continue to deploy best practices and constantly monitor for any irregularities. Unocoin has been very cautious of the growing demand for the cryptocurrency and is working on building a best in class architecture to support scalability and security of the platform. The delay in the new architecture is curated with strength and precision to handle larger volumes and security breach attempts.

By this I want to convey and reassure all of you that your funds are safe in our hands and we expect the same level of support and trust going forward from our customers. Thanks!

Sathvik Vishwanath

CEO, Co-founder of Unocoin

Exit mobile version