Akademik Veri Yönetim Sistemi
7. ULUSLARARASI BURSA BİLİMSEL ARAŞTIRMALAR KONGRESİ, Bursa, Türkiye, 13 - 15 Haziran 2025, ss.220-233, (Tam Metin Bildiri)
In recent years, cryptocurrencies have gained significant ground as an alternative investment and value transfer tool in the global financial system. Given the increasing popularity of these digital assets, cryptocurrency exchanges have also come to play a central role for both individual and institutional investors. However, this growth has also given rise to significant information security concerns. In particular, the aggregation of user funds on centralized exchanges renders these platforms susceptible to cyberattacks. This study analyzes the primary information security threats faced by cryptocurrency exchanges. The text delves into a range of cyberattacks, including phishing, DDoS (Distributed Denial of Service) attacks, 51% attacks, API vulnerabilities, internal threats, and user-induced errors. It then proceeds to assess the impact of these threats on exchanges. The practical consequences of these threats are illustrated through case studies of Mt. Gox, Coincheck, Binance, KuCoin, and Thodex. Furthermore, the study assesses the primary security measures implemented by cryptocurrency exchanges. The following practices are discussed in terms of their contribution to information security: cold wallet usage, multi-factor authentication (2FA), Know Your Customer (KYC)/Anti-Money Laundering (AML) policies, and smart contract audits. The findings indicate that, in addition to technical measures, user awareness, regulatory oversight, and continuous risk analysis processes are also of critical importance.