Zoomex Receives Comprehensive Security Audit from Hacken | News Direct

Zoomex Receives Comprehensive Security Audit from Hacken The audit report underscores Zoomex's significant strides in security enhancement.

News release by Zoomex

facebook icon linkedin icon twitter icon pinterest icon email icon SINGAPORE | July 16, 2024 11:31 PM Eastern Daylight Time

Zoomex, an innovator in the cryptocurrency exchange market since its inception in 2021, has announced the successful completion of its latest security audit conducted by the renowned cybersecurity firm, Hacken. The evaluation underscores Zoomex’s unwavering commitment to ensuring the highest levels of security, transparency, and user experience in the fast-evolving digital asset trading industry.

 

ZOOMEX <> Hacken Certificate
ZOOMEX <> Hacken Certificate

Overview of the Security Audit

 

The security assessment, documented under the "Pentest and Security Analysis Report for Zoomex," was led by Faizan Nehal and approved by Stephen Ajayi from Hacken. This thorough evaluation entailed penetrating testing and security analysis to ascertain the robustness of Zoomex’s platform, covering both the web application and API endpoints.

 

Zoomex, recognized for its cutting-edge blockchain technology, continues to reinforce its reputation as a secure and reliable platform offering transparent digital asset trading services to millions of users worldwide.

 

Hacken Audit
Hacken Audit

Audit Summary

 

The audit identified seven vulnerabilities, classified by severity into critical, high, medium, and low categories. Here’s a summary of the findings:

1. Commitment to Security and Transparency

The audit report underscores Zoomex's significant strides in security enhancement. The identification and resolution of these vulnerabilities demonstrate Zoomex's dedication to safeguarding user assets and providing a resilient trading environment.

2. Vulnerability Details

The report detailed the various vulnerabilities as follows:

  • Unauthorized Fund Transfer (F-2024-4042) [Critical]: A vulnerability allowing unauthorized users to transfer funds. Status: Fixed.
  • Improper KYC Verification (F-2024-4028) [High]: Weaknesses in the Know Your Customer (KYC) process could potentially allow users to create accounts using stolen identities. Status: Accepted.
  • Access Control Issue (F-2024-4019) [Medium]: This issue pertained to the ability to apply for the Zoomex VIP Club on behalf of other users. Status: Fixed.
  • Bypass Email Code Verification (F-2024-3998) [Medium]: A vulnerability enabling bypassing 2FA email code verification when activating Two-Factor Authentication (2FA). Status: Accepted.
  • Bypass 2FA Verification (F-2024-4004) [Medium]: A similar vulnerability that affects 2FA verification but occurs when changing phone numbers. Status: Accepted.
  • Vulnerable JavaScript Dependency (F-2024-4043) [Low]: This low-risk vulnerability involves identifiable weak points in the JavaScript dependencies. Status: Accepted.
  • Bypass Nickname Length Verification (F-2024-4009) [Info]: This issue was a less critical vulnerability that allowed users to bypass the length verification for nicknames. Status: Fixed.

3. Response and Resolutions

Zoomex proactively took steps to rectify several of the highlighted vulnerabilities, marking critical steps towards bolstering security. Three of the vulnerabilities were resolved, demonstrating a diligent response process:

  • Access Control Issue,Unauthorized Fund Transfer and Bypass Nickname Length Verification were fixed immediately.

  • Critical vulnerabilities such as improper KYC verification, as well as the medium-risk 2FA bypass issues, are currently under an accepted resolution plan, indicating ongoing efforts to enhance platform security.

 

4. Transparency and Accountability

Zoomex's engagement with Hacken for this audit highlights their commitment to transparency and accountability. By making the audit results public, Zoomex ensures that users and stakeholders remain informed about the measures being taken to protect their assets and personal information. This level of openness is crucial in building and maintaining user trust in the competitive and rapidly evolving cryptocurrency exchange market.

In a statement, Zoomex’s leadership emphasized, “Our collaboration with Hacken has been instrumental in identifying and addressing potential vulnerabilities in our platform. We are committed to continually improving our security measures to provide our users with the safest and most reliable trading experience possible.”

 

Future Plans and Security Enhancements

With the preliminary report now published, Zoomex is set to implement further enhancements as part of its ongoing security roadmap. The continued partnership with Hacken will ensure that new and emerging threats are promptly identified and addressed. Future updates and security audits will be scheduled periodically to ensure sustained compliance with the best security standards and practices.

Zoomex has also outlined plans to incorporate additional layers of security measures, including:

  • Enhanced Monitoring Systems: Implementation of advanced monitoring tools to detect and respond to suspicious activities in real-time.
  • User Education and Awareness: Launching educational campaigns to inform users about best practices in securing their accounts and transactions.
  • Advanced Authentication Mechanisms: Strengthening two-factor and multi-factor authentication systems to further mitigate risks associated with unauthorized access.

 

HACKEN <> ZOOMEX
HACKEN <> ZOOMEX

Final Thoughts

 

The latest security audit by Hacken is a significant milestone for Zoomex, reaffirming its resolute commitment to security and transparency. As the cryptocurrency exchange industry advances, maintaining rigorous security standards is not just an option but an imperative necessity. Zoomex's proactive approach in addressing vulnerabilities and reinforcing its security infrastructure. Users can remain confident that Zoomex is dedicated to providing a secure, reliable, and transparent trading platform.

Moving forward, Zoomex will continue to prioritize user safety and platform integrity, ensuring that it remains at the forefront of secure digital asset trading. By regularly engaging with top-tier cybersecurity firms like Hacken and adhering to stringent security protocols, Zoomex is well-positioned to navigate the complexities of the digital asset landscape.

For more detailed information, users and interested parties can access the full security audit report and future updates on the Zoomex and Hacken websites.

 

Contact Information

 

Hacken: [hacken.io](https://hacken.io)

Zoomex Official: https://www.zoomex.com 

  X (Twitter): https://twitter.com/ZoomexOfficial 

  Telegram: https://t.me/zoomex_com 

  LinkedIn: https://www.linkedin.com/company/zoomex-com 

  Contact Person: Ashley Levin

Business Mail: business@zoomex.com 

 

Contact Details

 

Ashley Levin

 

business@zoomex.com

 

Company Website

 

https://www.zoomex.com/en/UEFA