The post FixedFloat Exchange Issues Statement on Security Breaches and Future Enhancements appeared first on Coinpedia Fintech News
FixedFloat, a leading cryptocurrency exchange service, is pleased to announce its return to full operation following a series of security breaches that occurred in February and March of this year. The incidents, which resulted in the theft of $26.1 million, have prompted the company to take significant measures to enhance its security infrastructure and ensure the safety of its users’ assets.
In February, FixedFloat experienced a major security breach when an attacker exploited a vulnerability in the company’s security structure. Despite immediate efforts to address the weaknesses, the same attacker struck again on March 31.
After thorough analysis, it was determined that the attacker had exploited vulnerabilities in the services provided by Time4VPS, a third-party hosting provider used by FixedFloat.
Time4VPS: A Compromised Partnership
For several years, FixedFloat relied on Time4VPS for hosting services, which was initially chosen for its affordability and convenience. Although we had progressively migrated most of our infrastructure to proprietary servers, by early 2024, some low-power nodes and subsystems remained hosted with Time4VPS.
Time4VPS, which serves over 100,000 customers across Europe, promotes itself as a secure and customer-focused provider, a claim we found to be misleading.
Security Breach Details
In February, the attacker identified the IP address of one of our technical servers hosted by Time4VPS. On March 31, unauthorized access was recorded across all our Time4VPS servers, even though only one IP was known to the attacker. Despite our immediate actions to change passwords, the hacker managed to override these changes and maintain access.
Time4VPS’s virtualization technology limited our ability to activate critical security protocols following the breach, exacerbating the situation. Despite our efforts to delay further attacks by changing server passwords, the hacker utilized global access permissions to bypass our defenses.
Upon detecting the March 31 intrusion, we promptly notified Time4VPS. However, their response was lackluster; technical support was unavailable due to the holiday. Despite the evident breach, their only advice was to change passwords. It wasn’t until we insisted on action that they acknowledged the hack and promised a report, which remains undelivered three months later.
We suspect either internal negligence or potential complicity from Time4VPS employees in the breach. Given the unresolved vulnerabilities, we believe customer data at Time4VPS remains at risk. This ongoing risk prompted us to cease using their services and rebuild our security framework from the ground up.
FixedFloat’s Comeback
FixedFloat has been a trusted cryptocurrency exchange for nearly six years, driven by a dedicated team committed to excellence. Following the second hack, we suspended operations for two months to overhaul our security infrastructure.
We have now resumed services, fulfilling all obligations to our clients and restoring most cryptocurrency exchanges. Our specialists are actively working to introduce new currencies and further enhance our offerings.
We are deeply grateful to our community for their patience and support during this challenging period. FixedFloat is back, stronger, and more secure, ready to provide the fast, reliable, and top-quality service our users expect.
About FixedFloat
FixedFloat was launched in 2018 by a group of cryptocurrency enthusiasts and blockchain experts with extensive experience in entrepreneurship, web technology, and finance. Through practical and scalable solutions that make the cryptocurrency economy work for users, FixedFloat simplifies the process of exchanging cryptocurrencies.
The platform enables users to choose between fixed or floating exchange rates that fit their investing strategy. FixedFloat boasts fast processing, robust design, and friendly, dedicated customer support, among others to provide a best-in-class exchange that meets all the needs of the cryptocurrency community.
Media contact: pr@fixedfloat.com
Community:
Twitter: https://twitter.com/FixedFloat
Reddit: https://www.reddit.com/user/FixedFloat
Telegram: https://t.me/FixedFloat