The issues of data and assets security remain among the most important ones within the crypto space. Though it’s always better to prevent any potential security vulnerability, if it has been detected, it is very important to react timely and not to let funds be affected.
CoinSpeaker has already reported that DX.Exchange positions itself as a revolutionary Estonia-based cryptocurrency exchange that offers its users a possibility to trade tokenized Nasdaq stocks and cryptocurrencies on the same platform.
The platform that went live on Monday is said to utilize Nasdaq’s matching engine and financial data exchange protocol to ensure the trading of these digital securities.
Nevertheless, in its first few days, the security vulnerability was detected and reported by the tech news website Ars Technica. According to the crypto media, a trader, who preferred to stay unnamed due to the nature of the situation, conducted a security analysis of DX.Exchange.
In the framework of this analysis, he found out that some sensitive data of the exchange’s users were being sent to their browser. And the main problem was that the data leaked contained users’ authentication tokens and password reset links.
Given the fact the tokens are formatted with the help of an open standard known as JSON Web Tokens, they can be easily accessed by everyone who could get the full names of token holders and their email addresses.
“I have about 100 collected tokens over 30 minutes. If you wanted to criminalize this, it would be super easy”, concluded this anonymous trader.
He also said that knowing the above-mentioned weak points of the platform, fraudsters could easily gain access to the accounts not only if their owners hadn’t logged out but also even if they had done it.
DX.Exchange’s Reaction
Nevertheless, it didn’t take long (just less than a day) for DX.Exchange to report that they had fixed their critical vulnerability that leaked sensitive user data adding that no user funds had been affected.
In his statement, Daniel Skowronski, CEO of DX. Exchange, said:
“We would like to thank the vigilant reporter, and our supportive community, who together, brought this issue to our attention. We are happy to report that the vulnerability has been successfully patched, and no user funds were compromised. Our launch was met with a stellar response from our community eager to trade cryptocurrencies and digital stocks. Customer funds were always safe, our multi layer advanced monitoring and defense mechanism was able to avoid any further issue.”
DX. Exchange also invited any developers who would discover bugs in the future to inform the exchange directly using a special Bug bounty program. It is strongly believed that this program will help to fix all vulnerabilities (if any) timely without letting them cause harm to users’ funds.
I’m a content writer and editor with extensive experience creating high-quality content across a range of industries. Currently, I serve as the Editor-in-Chief at Coinspeaker, where I lead content strategy, oversee editorial workflows, and ensure that every piece meets the highest standards. In this role, I collaborate closely with writers, researchers, and industry experts to deliver content that not only informs and educates but also sparks meaningful discussion around innovation.
Much of my work focuses on blockchain, cryptocurrencies, artificial intelligence, and software development, where I bring together editorial expertise, subject knowledge, and leadership experience to shape meaningful conversations about technology and its real-world impact. I’m particularly passionate about exploring how emerging technologies intersect with business, society, and everyday life. Whether I’m writing about decentralized finance, AI applications, or the latest in software development, my goal is always to make complex subjects accessible, relevant, and valuable to readers.
My academic background has played an important role in shaping my approach to content. I studied Intercultural Communications, PR, and Translation at Minsk State Linguistic University, and later pursued a Master’s degree in Economics and Management at the Belarusian State Economic University. The combination of linguistic, communication, and business training has given me the ability to translate complex technical and economic concepts into clear, engaging narratives for diverse audiences.
Over the years, my articles have been featured on a variety of platforms. In addition to contributing to company blogs—primarily for software development agencies—my work has appeared in well-regarded outlets such as SwissCognitive, HackerNoon, Tech Company News, and SmallBizClub, among others.
