With the recent Binance hack of 7,000 BTC, cyber security firm Ciphertrace pointed out that the reason hackers were able to obtain API keys, 2FA codes and other info was due to hacking hot wallets using a two-factor approach, social engineering and SIM card porting of phone numbers.
What Dave Jevans recommends moving forward is a 3FA approach. Has anyone used this or what are your thoughts?
https://cryptobriefing.com/binance-promises-to-cover-7000-btc-lost-in-hack/
Here are a few things they can do: POP, proof of person
https://www.youtube.com/watch?v=l4x0vOAu0lQ
They could also, when they see a bunch of accounts withdrawing or trading alts into bitcoin at the same time, freeze those accounts. Set up a "line up" where they can only service one person at a time. Every time these big exchanges get hacked there are so many accounts doing something at the same time. Why not have a queue?
Imagine being in a McDonald's and everyone walks up and orders something from the cashier at the same time; that is what is going on here.
Why not make them form a line and take each customer one at a time? Or 3-4...
Kind of like a data throttle or engine throttle
Granted, this will only stop massive attacks and slow them down, but small scale attacks will be done if they don't use 3FA.
850,000 coins went missing, more than Satoshi owns, because of not having a line at Mt. Gox.
It is pretty simple: you set up a system where "if a certain amount of users withdraw, or alts are being traded and exchanged for BTC, at a rate which exceeds the normal rate of traffic by 1.5x or 2x transactions" exec queue timer.
I don't know, I am no expert at coding, but I am sure it would not take much to do the latter suggestion.
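The queue rule described in the post above can be sketched as follows. This is an added example, not part of the original thread or any exchange's code; the class name, the baseline of 10 withdrawals per minute and the traffic are constructed assumptions.

```python
from collections import deque

class WithdrawalThrottle:
    """Hypothetical sketch: queue withdrawals once the request rate
    exceeds `ratio` times the normal per-window baseline."""

    def __init__(self, baseline, window=60.0, ratio=1.5, batch=3):
        self.baseline = baseline   # normal withdrawals per window (assumed known)
        self.window = window       # sliding window length in seconds
        self.ratio = ratio         # 1.5x trigger, as suggested in the post
        self.batch = batch         # customers served per turn ("or 3-4")
        self.recent = deque()      # timestamps of requests inside the window
        self.queue = deque()       # requests held while in queue mode
        self.queue_mode = False

    def _expire(self, now):
        # Drop request timestamps that have fallen out of the window.
        while self.recent and self.recent[0] <= now - self.window:
            self.recent.popleft()

    def submit(self, now, account):
        """Record a withdrawal request; return 'processed' or 'queued'."""
        self._expire(now)
        self.recent.append(now)
        if len(self.recent) > self.baseline * self.ratio:
            self.queue_mode = True   # stays on until the line is drained
        if self.queue_mode:
            self.queue.append(account)
            return "queued"
        return "processed"

    def service(self, now):
        """Release up to `batch` queued requests, e.g. after manual review."""
        n = min(self.batch, len(self.queue))
        released = [self.queue.popleft() for _ in range(n)]
        self._expire(now)
        if not self.queue and len(self.recent) <= self.baseline * self.ratio:
            self.queue_mode = False  # traffic is back to normal
        return released

def simulate():
    t = WithdrawalThrottle(baseline=10)
    # Constructed traffic: 10 requests over one minute, then 40 within 4 seconds.
    normal = [t.submit(i * 6.0, f"user{i}") for i in range(10)]
    burst = [t.submit(60.0 + i * 0.1, f"burst{i}") for i in range(40)]
    return normal.count("processed"), burst.count("queued"), t.service(65.0)
```

The first few burst requests still go through before the 1.5x threshold is crossed, so the rule limits the size of a mass withdrawal rather than stopping it outright.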