Crypto exchange Coinbase initiated a large fund migration on Saturday, moving tokens to new internal wallets in a scheduled, routine security procedure to reduce long-term exposure of keeping funds in the same wallet addresses, which are publicly known.
The migration is not due to any cybersecurity breaches or external threats, according to an announcement from the company. Coinbase said:
“Migrating wallets periodically is a well-accepted best practice that minimizes long-term exposure of funds. This is a planned migration and unrelated to industry changes or price conditions. This is not in response to a data breach incident or external threat.”
This means that large Bitcoin (BTC), Ether (ETH), and other token balances will be moving onchain from Coinbase wallets to other internal Coinbase wallets already labeled by blockchain explorers and intelligence platforms.
Coinbase warned users that during the migration, scammers may attempt to exploit the situation by impersonating Coinbase representatives and reaching out to customers requesting login information or asking users to shift funds, which the exchange never does
The warning is a reminder that crypto users must remain vigilant against phishing attempts, hacks, scams, and other cybersecurity attacks in an ever-evolving threat landscape.
Related: Coinbase ’doubles down’ on Solana with latest DEX acquisition
Idle balances may be a honeypot for hackers: Why periodically shifting funds is a best practice
Hackers target centralized servers, information systems, and hot crypto wallets, which are connected to the internet, to extract information and value from users.
These centralized repositories containing vast quantities of information or tokens are attractive to threat actors, who often plan these attacks for months and see the large centralized systems as honeypots.
The emergence of artificial intelligence and AI-powered tools also gives hackers an edge in assembling heuristic clues through publicly known information and other metadata that can compromise sensitive information or lead to theft, cybersecurity experts tell Cointelegraph.
Quantum computers also pose a threat to current cryptographic technology, which is not far off in the future, but may have already materialized retroactively, Gianluca Di Bella, a smart-contract and zero-knowledge (ZK) proof researcher, told Cointelegraph.
Threat actors may be compiling crypto public keys now until a sufficiently powerful quantum computer is invented.
Then, the quantum computer can derive the private key from the public address in a “harvest now, decrypt later” attack, Di Bella told Cointelegraph.
Cryptographic protocols must switch to post-quantum security standards as soon as possible to neutralize the threat of retroactive hacking, Di Bella said.
Magazine: Real AI use cases in crypto, No. 3: Smart contract audits & cybersecurity