On Tuesday, Binance Exchange, one of the popular cryptocurrency exchanges, reported a huge security breach where hackers stole around 7,000 bitcoins worth $41 millions, in a single transaction. The hackers were able to gain a bulk of user API keys, 2FA codes, and a lot of other information.
Binance Exchange said that the hackers used a variety of techniques, including phishing, viruses and other attacks. “We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet”, Binance said in their official statement.
Binance confirmed that only the BTC hot wallet was affected and all the other wallets are secure and unharmed. The affected ‘hot wallet’ contained about 2% of Binance’s total BTC holdings. The firm also mentioned that the hackers were extremely patient and carried out well-orchestrated actions through multiple seemingly independent accounts at the most opportune time.
“The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that”, Binance’s official statement mentions.
Binance said that no user funds will be affected and it will use the SAFU fund to cover this incident in full.
Binance has estimated a week’s time to conduct a thorough security review of this incident during which all deposits and withdrawals will be needed to remain suspended. The security review will include all parts of their huge systems and data and the updates will be posted frequently.
“We beg for your understanding in this difficult situation”, Binance urged their users.
They further added, “Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime. We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.”
Larry Cermak, Head Analyst at The Block and former researcher at Diar, who conducted a research of the Binance hack concluded that it was the sixth largest exchange hack in history. He also said, “the $41 million is “peanuts” for Binance” and it will take hardly 47 days to make the money lost during the breach.
Some of my thoughts/insights on Binance hack
– $41M is peanuts for Binance – they can make it back in 47 days
– It was the sixth largest exchange hack in history and the total amount stolen from exchanges is now $1.35 billion
– reorg was a stupid idea that wouldn't work pic.twitter.com/K8rBuFggZm
— Larry Cermak (@lawmaster) May 8, 2019
In a live video chat, Binance’s chief executive Changpeng Zhao sought to answer questions about the hack.
I think being able to SEE $41m move, in real time and entered across hundreds of thousands of independent ledgers is a true testament to bitcoins value! https://t.co/Odtqw2PQdG
— Charlie Shrem (@CharlieShrem) May 8, 2019
To know more about this news, read the complete official document.