Published
5 years ago on
January 17, 2019
We are always looking for new ways to make our investments a little easier. The chances are as a cryptocurrency investor, you’re in full time employment or you’re in full time education and thus spend the majority of your day at work. Unless you’re in a job at (for example) a cryptocurrency news website, you’re probably unable to dedicate time during working hours to monitoring the markets in order to make the most of price swings and rallies. Whilst you’re at work, if a breakout takes place you might not be made aware and thus, might lose out a chance to hit a big win.
This is where crypto bots come into play. Crypto bots are programmes that can be used in order to allow a ‘bot’ to manage your cryptocurrency portfolio for you. This means your investments are controlled automatically based on parameters set by yourself, meaning you can rest easy in the knowledge that your ‘bot’ is doing the hard work for you. This is great, because it means you don’t need to rely on notifications and you don’t need to chase the markets, however at the same time, there are a number of significant drawbacks to consider that mean using bots might not be the wisest move, especially if you’re security conscious.
A recent article titled: Can Crypto Bots Be Hacked on Exchanges? Julia Beyers explores some of the risks that should be considered when opting to use a crypto bot. The article in Hacker Noon begins by going into further detail about exactly what these bots are:
“Crypto trading bots are programs, which analyze markets and place orders automatically. Considering high volatility and constant changes of the crypto world, bots are convenient as they can monitor the market 24/7/365. Also, they are fast and can place buy/sell orders regularly to get more profits. They are relatively complex systems, which strictly follow the user-defined preferences, so they require careful tuning. Additionally, advanced programs may come with monthly fees. It means that you can easily lose money if you don’t know how to use bots properly.”
These bots come in all shapes and sizes, some require subscription payments, some are free, some take a commission. There's almost a crypto bot option for everybody! What I would like to ask however is this, why let an automated programme control your crypto assets, when you wouldn’t let a robot look after the cash in your wallet? It’s hardly a surprise to suggest that these bots are very exposed to hacking and manipulation, meaning when you run a bot and ask it to trade for you, someone could be controlling it behind the scenes in order to steal your profits and your assets. Even more concerningly, the bots can get it wrong all together.
Your assets simply aren’t secure when using bots
There are a number of big security risks to consider then before deciding to use a bot. If you listen to these risks and decide that hey, you’re happy to take the risk then go ahead. We aren’t saying DON’T use crypto bots, however we are saying that if you choose to use them, you should be well aware of the risks. Our other advice would be to only trust yourself when it comes to deciding how to spend your money on crypto!
According to Beyers:
“Crypto bots execute orders by interacting with exchanges APIs — application programming interfaces. As a result, we face the scenario of two machines working together without manual control. The problem is in the centralized nature of trading bots and platforms. As hackers can’t access blockchain-based systems because of their nearly perfect security, they focus on traditional central-server systems, which rely on personal data like passwords, e-wallet addresses or keys. And it becomes even easier to hack machines, which work independently.”
The exchange API’s exist on traditional databases which are far easier to hack than blockchain based applications, because of this, hackers are able to change the data in order to manipulate bots into making unprofitable deals (deals that profit them, but not you), stealing money from your account and even into extracting and publishing sensitive data, including your private keys.
If you don’t believe us, Beyers highlights a very significant case in which this sort of API manipulation has happened within a leading cryptocurrency exchange, Binance:
“This exchange has three permissions in its API: reading, trading, and withdrawing. In July 2018, hackers got access to the first two levels, pumped the price of SYS coin, and transferred huge amounts to the accounts with withdrawing permissions that they had controlled earlier.”
The pump of SYS coin meant that hackers could make the most of climbing prices in order to generate huge profits for themselves, at the expensive of the honest SYS coin investors who inadvertently pumped tonnes of their own money into a pump and dump scam.
You can protect yourself
If, after all this you decide that you still really want to use crypto bots, there are a number of steps that Beyers suggests you can implement in order to protect yourself:
Keep your API key secret (just like any other password or key, don’t share it), don’t allow automated withdrawals (at the very least you should manage your own withdrawals so these bots can’t carry them out for you, and ‘accidentally’ withdraw your funds to the wrong account) and lastly, do your research. The research sentiment goes for everything in this industry, but it is vital. Research your bots, find out whos made them and find out how they work. Stick with what you know and be cautious. Bots can be great, when used safely, remember that!
Crypto Revolution Giveaway
Have you heard? Crypto Daily have launched their latest Ethereum giveaway, one that is set to inspire the start of a new crypto revolution!
Click here for more information
Investment Disclaimer
