Monthly Crypto Exchange Updates: December 2024

December 2, 2024 • by Andrii Demydenko

As part of our ongoing commitment to tracking and improving the cybersecurity standards of cryptocurrency exchanges, we’ve compiled the latest updates based on our methodology. This month, we highlight newly listed exchanges, projects demonstrating dedication to cybersecurity, and exchanges that dropped in rankings.

New Listings

We welcome several new exchanges to our platform this month.
(!) These exchanges are still in the early stages of evaluation, and we are awaiting their submission of penetration tests, audits, and certifications to confirm their commitment to cybersecurity:

• SuperEx Exchange: Initial score of 21.5/100.
• Arkham Exchange: Initial score of 40.9/100.
• Blynex Exchange: Initial score of 20/100.
• Hibt Exchange: Initial score of 13.7/100.

These exchanges have much room for improvement and are encouraged to prioritize cybersecurity measures to enhance their scores.

Exchanges Demonstrating Cybersecurity Commitment

Several exchanges have renewed their dedication to security by conducting penetration tests or implementing new security measures:

• Digifinex, Bitkub and Bitget provided renewed penetration tests maintaining the score at 76/100, 88/100 and 90/100, respectively.
• LCX: Improved by +12.5 points, reaching a total score of 57.6/100, after providing a penetration test (though not fully scoped).
• Coinstore: Gained +0.9 points, bringing its total to 80/100, by implementing device management for enhanced user security.
• Toobit:
  • Added +3 points for user security by implementing a withdrawal whitelist.
  • Gained +3 points for server security with DNS/SPF configuration.
  • Despite these improvements, Toobit’s total score remains at 51.4/100, as its penetration test expired (-24.9 points). However, the exchange is actively finalizing a new pentest.
• Zebpay:
  • Improved by +1 point for server security through enhanced SSL/TLS configuration.
  • Gained another +1 point for better HTTP headers configuration, bringing its total score to 33.3/100.

These updates reflect proactive steps taken by exchanges to strengthen their defenses against cyber threats.

Exchanges Dropping in Rankings

Unfortunately, some exchanges experienced declines in their scores due to expired penetration tests or other lapses:

• Deepcoin: Dropped by -25 points, now scoring 51.3/100, due to an expired penetration test.
• Slex: Fell by -25 points, with a current score of 55/100, also due to an expired pentest.
• Toobit: Lost -24.9 points as mentioned earlier, though efforts are underway to renew its pentest.

These declines highlight the importance of maintaining up-to-date security audits and certifications.

Final Thoughts

This month’s updates underscore the critical role of regular audits and proactive security measures in maintaining high cybersecurity standards. While new listings like SuperEx and Arkham have just begun their journey, established players like Bitget and Bitkub continue to set examples with consistent performance. On the other hand, lapses such as expired penetration tests serve as reminders of the dynamic nature of cybersecurity.

We encourage all listed projects to prioritize robust security practices and submit comprehensive audits and certifications to improve their standings. Stay tuned for next month’s updates!