It has been pretty quiet around CryptoAve, the exchange ran by Baritus, creator of DigitalCoin & SecureCoin, who also manages the Argentum crypto currency.
If you don’t remember, CryptoAve launched earlier this year, and was forced to shut down within a month of its existence, because there were some security vulnerabilities detected. No user information was leaked, but this was done as precautionary measure.
We can now confirm that, according to a statement made by Baritus himself, these vulnerabilities were a result of the HeartBleed bug, for the following reasons :
1. Attacker only had partial user data, and only data that is transferred through SSL
2. Attacker used password recovery feature and intercepted SSL encrypted email transmission to acquire reset password key
3. Attacker bypassed duo security as the 2FA is also secured by SSL
4. Attacker gets stopped at this point by detection of IP and other irregularities
Now that the HeartBleed bug has been sorted out, we are expecting the CryptoAve exchange to relaunch in the very near future. The only “exact” date we have seen mentioned so far, was May 1st, which is only two weeks away.
I’m looking forward to seeing CryptoAve re-open for the public, so we can finally start exchanging US Dollars to DigitalCoin/SecureCoin/Argentum.
We will keep you updated as more news becomes available.