Hackers use stolen cookies to violate user privacy and to impersonate exchanges to conduct illegal transactions. Users need to take a series of preventive measures and countermeasures. The following are some specific defenses and countermeasures, first the measures that exchanges should take, then some suggestions for users.

Enhanced session management

Short session lifetime: shorten the validity period of user sessions and force periodic re-authentication.

Activity monitoring: Monitor user sessions for unusual behavior, such as logging in from multiple geographic locations simultaneously.

Multi-factor authentication

Enforce 2FA: All users are required to enable two-factor authentication (2FA). Even if an attacker obtains the user's cookie, they cannot pass the 2FA verification.

Cookie security settings

Secure and HttpOnly flags: set the Secure and HttpOnly flags on cookies so that they are never sent over insecure connections and cannot be read by client-side scripts.

SameSite attribute: Use the SameSite attribute to limit cross-site request forgery (CSRF) attacks.
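The cookie settings and the short session lifetime above can be checked mechanically. This added example (not from the original post) audits a Set-Cookie header for the Secure, HttpOnly, SameSite and Max-Age attributes and builds a header that passes; the 15-minute limit is an assumed policy and the sample headers are constructed.

```python
"""Audit and build exchange session cookies (added example, constructed data)."""

MAX_SESSION_SECONDS = 15 * 60  # assumed policy: force re-authentication after 15 minutes


def parse_set_cookie(header: str):
    """Split 'name=value; Attr; Attr=val' into (name, value, attrs).

    Attribute names are lower-cased; value-less attributes such as Secure map to True.
    """
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header: str) -> list:
    """Return a list of findings; an empty list means the cookie is hardened."""
    _, _, attrs = parse_set_cookie(header)
    findings = []
    if attrs.get("secure") is not True:
        findings.append("missing Secure: cookie can be sent over plaintext HTTP")
    if attrs.get("httponly") is not True:
        findings.append("missing HttpOnly: injected script can read the cookie")
    samesite = str(attrs.get("samesite", "")).lower()
    if samesite not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: cross-site requests carry the cookie")
    max_age = attrs.get("max-age")
    if max_age is None or max_age is True:
        findings.append("no Max-Age: session lives until the browser is closed")
    elif not str(max_age).isdigit() or int(max_age) > MAX_SESSION_SECONDS:
        findings.append(f"Max-Age exceeds policy of {MAX_SESSION_SECONDS}s")
    return findings


def hardened_session_cookie(name: str, value: str) -> str:
    """Build a Set-Cookie header that satisfies every check in audit_set_cookie."""
    return (f"{name}={value}; Path=/; Secure; HttpOnly; SameSite=Strict; "
            f"Max-Age={MAX_SESSION_SECONDS}")


if __name__ == "__main__":
    weak = "session=abc123; Path=/"  # constructed weak header
    for finding in audit_set_cookie(weak):
        print("WEAK:", finding)
    strong = hardened_session_cookie("session", "abc123")
    print("OK  :", strong, audit_set_cookie(strong))
```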

Device Trust Management

Device binding: bind the user's frequently used devices; access from an unfamiliar device requires additional verification.

Device fingerprinting: use device fingerprints to identify user devices and immediately warn about or block abnormal devices.

Abnormal activity monitoring

Behavioral analysis: Use machine learning and behavioral analysis techniques to detect abnormal transaction and login behaviors.

Real-time notifications: once unusual activity is detected, notify users immediately so that appropriate action can be taken.

Actions to be taken by the user

Clear cookies and cache regularly

Browser cleaning: Regularly clean your browser's cookies and cache to reduce the risk of privacy leaks.

Privacy mode: Use the browser's privacy mode for sensitive operations to avoid leaving browsing history and cookies.

Use security tools

Browser extensions: Use specialized security extensions, such as uBlock Origin, Privacy Badger, etc., to enhance the privacy and security protection of your browser.

Security software: Install and update security software to prevent malware from stealing cookies and other sensitive information.

Security awareness education

Be wary of phishing attacks: Avoid clicking on suspicious links or opening unknown attachments to prevent cookies from being stolen.

Strong password management: Use strong passwords and password managers to prevent password leakage and reuse.

Emergency Response Measures

Freeze account immediately

Account freezing: Once abnormal account activity is discovered, the exchange should immediately freeze the affected account to prevent further losses.

Urgently contact users: Immediately contact affected users to confirm account activity and provide further guidance.

Investigation and evidence collection

Log analysis: analyze server and application logs to trace the attack path and its source. #TreatYourHardEarnedSavingsWithCare

User Compensation and Support

Compensation measures: For user losses caused by security vulnerabilities, the exchange should consider reasonable compensation plans.

Finally, you cannot push all security issues onto the exchange. You must also devote your full attention and patience to protecting your own assets.