Risk Management.
You've done your due diligence: unique email/pass, 2FA, VPN.
No such thing is "safe".
There are only 2 types of companies: those that have been hacked, and those that will be hacked.
You've done your due diligence: unique email/pass, 2FA, VPN.
No such thing is "safe".
There are only 2 types of companies: those that have been hacked, and those that will be hacked.
And then there are those which are not worth bothering to hack!
I think Cryptopia might pass from all those 3 types eventually!
I was a locksmith for many years before i got into infosec:
The average thief will spend 5 minutes trying to break into a home. If they fail, they move to the next house.
HOWEVER.
If they want to get in - they are going to get in.
The same holds true with crypto.
That's exactly the point. There is a difference between a company using hot wallets and cold storage, just like there is a difference between someone using a regular vs. a high-security lock/door. You're acting as if they are the same.
Actually in essence they're pretty much the same thing, both a cold storage and a hot storage are a pair of public and private key. What we "usually think" of cold storages is that the company using them won't have the private key saved in a place that's accessible from the internet.
However what we think as common sense is not necessarily what Cryptopia or any other company might be doing, they might just have the private keys of the cold storage in the CEO's personal PC while he's downloading pirated software or clicks on any ads that pops in his screen for all we know.