• Hacken
  • Blog
  • Case Studies
  • CoinGecko Penetration Testing

CoinGecko Penetration Testing

6 minutes

By Malanii Oleh

CoinGecko is the world’s largest cryptocurrency data aggregator and one of Hacken’s closest partners. Since 2014, CoinGecko has been a trusted source of information by millions of cryptocurrency investors, and their mission is to empower the cryptocurrency community with an in-depth, 360-degree view of the market.

CoinGecko delivers comprehensive information from thousands of data points such as price, trading volume, market capitalization, developer strength, community statistics, and more. It currently tracks over 11,000 crypto assets from over 700 exchanges worldwide. For more information about CoinGecko, visit https://www.coingecko.com.

Transforming The Crypto Market

Together, CoinGecko and Hacken’s strategic partnership has changed Web3 for the better.

The number of smart contract audits, penetration tests, and bug bounties has increased after the introduction of CER.live cybersecurity ratings and implementation of the CoinGecko Trust Score. Today, security standards for projects have tightened mostly due to the ripple effects from FTX’s collapse and the demand for proof of reserves for crypto exchanges to regain consumer trust.

Hacken offers high-quality blockchain security practices that help to build trust with customers, investors, and regulators. For example, our Proof of Reserves Audit provides a transparent and verifiable snapshot of an organization’s financial position. Undergoing this vital auditing process showcases financial stability and commitment to transparency and is especially relevant for Web3 projects managing significant assets.

CoinGecko Trust Score

CoinGecko and Hacken work in tandem to promote better resilience to cyber threats. For example, CoinGecko ranks the top crypto exchanges by Trust Score and trading volumes.

In Jan’23, CoinGecko rolled out Trust Score 3.0:

  1. Liquidity: 4 points
  2. Cybersecurity: 2 points
  3. Scale: 1 point
  4. Past Incidents: 1
  5. Proof of Assets: 1
  6. Team Presence: 0.5
  7. API Coverage: 0.5


Cybersecurity makes up 2 points out of 10 in the overall score, and Hacken is the provider of data for this vital metric.

Like an invisible hand guiding the industry and market, CoinGecko’s Trust Score guides crypto exchanges in the direction of ensuring better security practices.

It is in every crypto exchange’s interest to have the highest possible Trust Score, when listed on CoinGecko. For a crypto project, a higher score is beneficial in every aspect– it’s good for community relations, market adoption, and financials. In order to score well for CoinGecko’s Trust Score, crypto projects and exchanges must take its security seriously. 

At Hacken, we understand the immense responsibility of assessing and ranking security for thousands of crypto projects. That’s why we created a separate entity solely for independent monitoring and analytics – CER.live. CER.live provides objective cybersecurity ratings for crypto exchanges and cryptocurrencies.

CoinGecko uses the data provided by CER.live in its Trust Score and the “Cybersecurity” tab.

It’s a two-sided collaboration, and CER uses CoinGecko price data for every listed project.

At Hacken audits, we also use CoinGecko API data to give more information about our clients.

CoinGecko Factor

With more than 50 million monthly visitors, CoinGecko has the influential power to set industry best practices. As their vision is to empower the decentralized future, CoinGecko is deeply committed to making the crypto market more safe and secure. Thanks to their stance, millions of crypto users, blockchain developers, and entrepreneurs have learned to care about security. Ultimately, a secure crypto market without hacks, scams, and frauds will help pave the way for a global adoption of cryptocurrencies.

In addition to pushing the market to change for the better, CoinGecko leads this change by example. As a long-standing partner of CoinGecko, Hacken can shed some light on that.

Hacken Penetration Testing For CoinGecko

Hacken.io performed penetration testing for CoinGecko to ensure they are secure. We put CoinGecko web and mobile apps, as well as APIs, against our strongest penetration testers.

Hacken professionals tested CoinGecko systems in the black box assessment for vulnerability identification, version enumeration, information leakage, vulnerability exploitation, and brute force attacks.

CoinGecko also requested Hacken penetration testing to check a new feature added to their client application thoroughly. For our partner, external pentesting was a continuation of internal efforts to catch and fix errors. According to the CoinGecko team, “When the Social login feature was launched, we wanted to perform a pentest to identify any potential exploits that would compromise user accounts. We started with our own internal testing and resolved any defects found.” After the internal testing, CoinGecko went with the pentest, which began right after the release of the production environment.

Hacken also pentested CoinGecko APIs. CoinGecko provides API for crypto prices, market capitalization, and trade volumes. Virtually anyone in the crypto market uses these.

We won’t get into details of the proactive pentesting, but we can share the final results. The overall security benchmark of CoinGecko is 10/10 or “Highly Secure.”

The Road Ahead

CoinGecko and Hacken have formed a strategic partnership that has helped transform the Web3 market by promoting security measures such as introducing CER.live cybersecurity ratings and the CoinGecko Trust Score. The latter ranks top crypto exchanges by a score that includes cybersecurity, with Hacken being the data provider for the cybersecurity metric.

Hacken also performed penetration testing for CoinGecko to ensure their new features and APIs work without any hidden flaws, and the results showed that CoinGecko is highly secure. Partnership with CoinGecko is vital for our mission of making Web3 a safer place. With CoinGecko being influential in the crypto market with over 50 million monthly visitors, their security focus has encouraged others to care about crypto security and helped push the market towards better practices.

Subscribe
to our newsletter

Be the first to receive our latest company updates, Web3 security insights, and exclusive content curated for the blockchain enthusiast.в

Speaker Img

Table of contents

  • Transforming The Crypto Market
  • CoinGecko Trust Score
  • CoinGecko Factor
  • Hacken Penetration Testing For CoinGecko

Tell us about your project

Follow Us

Read next:

More related
  • Blog image
    Decoded: KyberSwap Hack vs Extractor Prevention Mechanisms

    9 min read

    Case Studies

  • Blog image
  • Blog image
More related →

Trusted Web3 Security Partner