Post Mortem – Darwinex Security Incident

25 June 2019
The Market Owl

We have reached out to our users with important information to protect their Darwinex account. This post explains what happened and why we are asking our users to take prompt action.


What happened

An as yet unidentified source managed to insert malicious code into the static content (specific Javascript and HTML files, to be precise) delivered by our Content Delivery Network (“CDN”). Our CDN serves all the static files like images, Javascript, HTML, CSS, etc. Further info on Content Delivery Networks.

If you were affected, this malicious Javascript code might have attempted to:

  1. Redirect you onto a 3rd party site as you attempted to access Darwinex, and/or
  2. Intercept information exchanged between you and us:
    • From your browser to our servers,
    • Data you entered (typed in) whilst the threat was active.

In this regard, it is worth emphasising that:

  1. We’re talking about a vulnerability – most of the actions are pre-emptive to avoid any issues.
  2. Neither our servers nor any of the information stored in our databases were compromised.
  3. We don’t store payment details from our users.
  4. Trading credentials were not affected.
  5. We always verify withdrawal requests to prevent anyone asking us to wire your funds to them.

What was the risk

After conducting a thorough investigation, we concluded that only usernames and / or passwords could have been eventually intercepted, if any.

Since your password is the key to impersonating your interactions with us, we asked you to change it and scan your Darwinex activity logs for unknown activity. You can access your Darwinex user logs in the “Settings” section of your Darwinex profile.


What is the risk now?

None, if your system is free of malicious code (run your antivirus!) and you’ve updated your Darwinex password. If you haven’t already, please do it now.


Next steps

  1. We keep working and investigating this incident with a view to implementing all the relevant measures to pre-empt and identify vulnerabilities going forward.
  2. We are running an in-depth analysis of our Community forum to make sure it has not been affected. Access is restricted for the time being and we will keep you duly posted when it is back again.

Last, but not least, SORRY. We know you have tons on your plate and this gave you a scare and wasted your precious time. We’ll try to make the best of this and evolve from here.

Trade safe,
Your Darwinex Team