JP Richardson, CEO of self-custody cryptocurrency platform Exodus, recently stressed the importance of ensuring that source code is thoroughly vetted before being deployed. He recommended that crypto companies not entrust code uploads to engineers without independent review.
Richardson argues that this is essential to guard against threats from bad actors, who are becoming increasingly sophisticated at tricking companies into inserting malicious code into their software. He stresses that having a second team of reviewers to review engineers’ code is essential before any updates or upgrades are implemented.
“The key is to build systems so that if something goes wrong, your customers are still protected,” Richardson said, emphasizing that business resilience is key to keeping customers from being exposed to risk.
The comments come amid a rise in North Korean hackers using fake identities to work at cryptocurrency companies.
“They apply for jobs or try to get engineers to download fake malware to get into the system.”
On August 16, blockchain investigator ZachXBT uncovered a sophisticated network of North Korean developers who were able to earn up to $500,000 per month by working on “reputable” cryptocurrency projects. He stressed that these companies were unaware of hiring “North Korean IT workers” using fake identities.
The FBI recently warned that North Korean malicious cyber actors are targeting employees at decentralized finance and cryptocurrency companies through sophisticated social engineering campaigns. The agency noted that these scammers have researched companies associated with cryptocurrency-related exchange-traded funds (ETFs).
Richardson concluded that ensuring that source code is carefully vetted before being put into use is a necessary measure to protect the safety of both the company and its customers in the increasingly complex and evolving cryptocurrency industry.
https://tapchibitcoin.io/kiem-tra-ma-nguon-truoc-khi-trien-khai.html
