pfe-blockchain/team_centralisé/notes_elo.md

1) Access to hot/cold wallet with stolen private key
	Exemple: BitMart
	Source: https://support.bitmart.com/hc/en-us/articles/4411998987419-BitMart-Security-Breach-Update
	Solution utilisée : Remplacement des adresses de déposit et mise à jour des clefs

2) Compromised system/servers 
	Exemple: Bitpoint


3) Data leak (private key) 
	Exemple : KuCoin
	Source : https://www.kucoin.com/fr/news/en-kucoin-ceo-livestream-recap-latest-updates-about-security-incident
	Solution utilisée : Abandon des hot wallet


4) Malware/Phising 
	Exemple: Bitstamp
	Source: https://www.reddit.com/r/Bitcoin/comments/3bpdb4/bitstamp_incident_report_22015/
	Solution utilisée : Ne pas ouvrir des documents word provenants de sources inconnus (le doc contenait un script VBScript qui téléchargeait un malware)

5) Vulnerability in protocol
	Exemple: Balancer
	Source: https://cryptopotato.com/rising-defi-protocol-balancer-loses-500000-to-hacker-in-pool-exploit/
	
6) Bugs and Re-entrancy attack 
	Exemple: Lendf.me, Uniswap
	Mots clefs : Reentrancy attacks, token ERC777
	GitHub exploit : https://github.com/OpenZeppelin/exploit-uniswap
	Source: https://www.zdnet.com/article/hackers-steal-25-million-worth-of-cryptocurrency-from-uniswap-and-lendf-me/
	Solution utilisée : 

7) Suspected trusted insider 
	Exemple: CoinSecure
	Source: https://securityaffairs.com/71322/hacking/coinsecure-hacked.html

8) Phishing data on fake site
	Exemple: LocalBitcoins
	Source: https://www.reddit.com/r/localbitcoins/comments/ak1u8m/localbitcoins_report_on_the_security/
	Attaque : Redirection des utilisateurs vers un site de phising

9) Server DNS compromised 
	Exemple: EtherDelta
	Source: https://www.ccn.com/cryptocurrency-exchange-etherdelta-hacked-in-dns-hijacking-scheme/

Source vulnérabilités : https://resources.infosecinstitute.com/topic/security-vulnerabilities-of-cryptocurrency-exchanges/