A cryptocurrency operator loses all funds, and tells us how it happened.

A cryptocurrency operator loses all funds, and tells us how it happened. It seems their blog ran on the same system as their exchange site, and even their backups were readable from the web server’s account. Also a marketing person forwarded a password reset email to a support person: an interesting failure mode, that the password reset URL was thereby exposed to a compromised account.
“In addition, the seed for everyone’s Two-Factor Authentication was seen. Completely invalidating everyone’s 2FA. You can reset a password with a valid 2FA code.”

This was an excellent read. Thanks @EdS for posting it.

WordPress definitely needs write access to the database of financial accounts. Totally understandable, and from what I understand this is the industry standard for bitcoin exchanges.

It might be that WordPress isn’t the right platform for a currency exchange. But even so, surely the public-facing web frontend only needs certain access to certain tables - it can use a different database account than an admin frontend which needs to do other things, like adding accounts.
I’m sure that the real financial industry knows lots of things which the cryptocoin people don’t know, and don’t realise they don’t know. I would bet that doing business is a great deal easier than preventing fraud. But to be viable and credible you need to address both aspects.
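As an added illustration of the separate-accounts point made above (example grants written for this page, not taken from the thread or from the exchange in question), here is the single all-powerful account beside a per-role layout in MySQL/MariaDB syntax; the database, table, column and host names are assumptions.

```sql
-- Weak setting, as the thread describes it: one account shared by the blog
-- and the exchange frontend, with every privilege on every database.
-- Hypothetical names throughout; passwords are placeholders.
CREATE USER 'wp'@'localhost' IDENTIFIED BY '<placeholder>';
GRANT ALL PRIVILEGES ON *.* TO 'wp'@'localhost';

-- Corrected setting: one account per role, each confined to the tables and
-- statements that role actually needs. A compromise of the blog or the
-- web frontend then cannot read 2FA seeds or backups, nor rewrite balances.

-- The blog gets its own database and nothing else.
CREATE USER 'blog_web'@'localhost' IDENTIFIED BY '<placeholder>';
GRANT SELECT, INSERT, UPDATE, DELETE ON blog.* TO 'blog_web'@'localhost';

-- The public-facing exchange frontend: read balances, queue withdrawals.
-- It has no grant on the backups table and cannot change balances itself.
CREATE USER 'exchange_web'@'localhost' IDENTIFIED BY '<placeholder>';
GRANT SELECT ON exchange.accounts TO 'exchange_web'@'localhost';
GRANT SELECT ON exchange.balances TO 'exchange_web'@'localhost';
GRANT INSERT ON exchange.withdrawal_requests TO 'exchange_web'@'localhost';
-- Column-level grant: the web tier may read the password hash to verify a
-- login, but not the other columns of the credentials table.
GRANT SELECT (user_id, password_hash) ON exchange.credentials
    TO 'exchange_web'@'localhost';

-- The admin frontend (ideally on a separate host) may add accounts and
-- settle withdrawals; it still has no grant on backups.
CREATE USER 'exchange_admin'@'admin-host.internal' IDENTIFIED BY '<placeholder>';
GRANT SELECT, INSERT, UPDATE ON exchange.accounts
    TO 'exchange_admin'@'admin-host.internal';
GRANT SELECT, UPDATE ON exchange.balances
    TO 'exchange_admin'@'admin-host.internal';
GRANT SELECT, UPDATE ON exchange.withdrawal_requests
    TO 'exchange_admin'@'admin-host.internal';

-- 2FA seeds: only the process that checks codes reads them, and only that
-- column. Neither web account above can SELECT totp_secret.
CREATE USER 'totp_verify'@'localhost' IDENTIFIED BY '<placeholder>';
GRANT SELECT (user_id, totp_secret) ON exchange.credentials
    TO 'totp_verify'@'localhost';

-- Check: confirm what the frontend account can actually do.
SHOW GRANTS FOR 'exchange_web'@'localhost';
```

The `SHOW GRANTS` line is the check to run after any change: if the frontend account's output lists `ALL PRIVILEGES` or the credentials table without a column list, the separation has not taken effect.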