Quote:
Originally Posted by rowan
How many exchanges do you think run on bare metal? I bet a lot of them rely heavily on cloud instances in order to scale.
Consider also that even a dedicated server could be attacked via another vector. A process which is running chrooted/jailed, such as a coin daemon, could be examined by an exploit in another part of the server.
|
I think most of them are running on bare metal, with CDN's in front. Bittrex is behind cloudflare. Cloudflare would be vulnerable, and it acts like a proxy for requests between you and bittrex. Besides that, this could be used to steal google authenticator tokens for the two-factor logins on sites.