Just 18 Out of 1,500 Major Cryptocurrencies Are Fully Secured, Shocking New Research Reveals
Crypto News

Just 18 Out of 1,500 Major Cryptocurrencies Are Fully Secured, Shocking New Research Reveals

3m
Created 2yr ago, last updated 2yr ago

It's also emerged that 20% of projects have failed to fix critical security bugs after they have been identified through an audit — potentially putting their users in danger.

Just 18 Out of 1,500 Major Cryptocurrencies Are Fully Secured, Shocking New Research Reveals

Table of Contents

Only 18 projects out of 1,500 major cryptocurrencies are fully secured, according to damning new research given to CoinMarketCap.

Hacken Scout enlisted the help of 111 cybersecurity enthusiasts to perform a comprehensive audit of the DeFi sector in return for a financial reward.

And according to CER.live, which verified their findings, just 1.2% of coins on the list ended up passing an investigation with flying colors.

To be deemed fully secured, projects were required to have a bug bounty program and insurance — and ensure the code deployed for their platform and token matched the code that had undergone a security audit.

Meanwhile, 6.5% were described as well secured — but lack an insurance policy that would protect investors in the event something went wrong.

Overall, 32% of the projects that were scrutinized are currently using code that doesn't match what was reviewed by a security firm, meaning they may be misleading investors if they claim to be audited.

Another concerning statistic reveals that just 21% of platforms have an active public bug bounty program in place — schemes that incentivize white-hat hackers to discover exploits that could be used by malicious actors for financial gain.

It's also emerged that 20% of projects have failed to fix critical security bugs after they have been identified through an audit — potentially putting their users in danger.

CER.live said the findings show there are "serious security issues" in the Web 3.0 Space, adding:

"Projects still undervalue cybersecurity although it is one of the main factors impacting users’ investment decisions."

Each of the 1,500 cryptocurrencies that was scrutinized will now receive a rating — and it's hoped projects that score poorly will be encouraged to pay closer attention to security. As well as receiving a reputational boost, other benefits include securing investment from new users, and reducing the risk of an outflow of assets.

Y

Listen to the CoinMarketRecap podcast on Apple Podcasts, Spotify and Google Podcasts

What This Means for Crypto Users

The cybersecurity scouts who volunteered to investigate each cryptocurrency collectively earned 352,000 Hacken tokens — worth $24,000 at current market rates.

Hacken and CER.live say it would usually take months to gather data about 1,500 cryptocurrencies, but this approach sped things up dramatically while offering a financial incentive to volunteers.

Both organizations claim that many projects no longer use a code that was verified by auditors — and worse still, some platforms have failed to publish the audited code for their projects on GitHub.

Investors are being urged to double-check whether the crypto projects they're interested in are backed by insurance policies that protect the platform against the fallout from thefts or hacking incidents — as this ultimately protects the financial interests of end users.

Other top tips include verifying whether a platform's security audits cover all of the smart contracts in operation. While a crypto project may offer token swaps, farming and staking, it's possible that only one smart contract was scrutinized, leaving a high risk of vulnerabilities in the others.

Finally — if security vulnerabilities are identified through an audit — users should try to determine if a platform has fixed them, with CER.live accusing some projects of neglecting to take action because of a lack of time or resources.

28 people liked this article