What does the latest Binance hack tell us about cryptocurrency security?

By Michael Buchanan, Blockchain Developer

In early May the popular cryptocurrency exchange Binance announced it had uncovered a large-scale security breach that saw attackers make off with over 7000 bitcoin, worth roughly US$41million, from one of the exchange’s cryptocurrency wallets.

Binance is keeping specific details about how the hack was performed internal at this time, but from what little information has been made public, it is thought that a number of account credentials were collected through phishing attacks and targeted malware, and these accounts were used to initiate a withdrawal of 7074 BTC from the exchange’s hot wallet into multiple wallets controlled by the attacker.

According to the post-incident report, Binance’s internal suspicious activity control systems alerted the site’s administrators immediately after the withdrawal of over 7000 BTC, and in response Binance immediately froze all deposits and withdrawals to conduct a security review to assess the cause and effects of the security breach.

The security breach was initially disclosed by Binance CEO Changpeng Zhao (CZ) in a blog post titled “Binance Security Breach Update” on their website, just a few hours after CZ announced on Twitter that Binance was undertaking “some unscheduled server maintenance”.

The post gave Binance’s customers a timely and transparent overview of the situation, pointing to the exact transaction in which the theft took place, as well as the suspected attack vector.

The update also reassured users that due to the exchange’s proper use of cold storage, the attackers only managed to steal approximately 2 percent of their total BTC holdings, and as such the exchange was still solvent.

Binance has stated that they will use their SAFU fund (Secure Assets Fund for Users — an emergency insurance fund intended to be used to mitigate significant operational losses) to cover the stolen cryptocurrency, according to the security breach update, and have assured users their deposits or balances will remain unaffected by the hack.

So what can be learned about cryptocurrency security from this latest high profile security breach?

Even the most popular and well regarded cryptocurrency exchanges are still vulnerable to security breaches.

Binance may be one of the most popular cryptocurrency exchanges, but that doesn’t make them immune from being a victim of a security breach.

Exchanges that have contingency plans in place fare a lot better than those that don’t
 Exchanges are a risky place to store your funds

Binance was able to reassure their users that due to their insurance fund, all users’ cryptocurrency was safe, the exchange was still solvent, and operation of the exchange would remain unaffected (apart from deposits and withdrawals being temporarily suspended). A similarly sized attack on an exchange that did not have such a contingency plan would likely be a death blow.

Although in this case there was little collateral damage to end users of the exchange, if the amount stolen was an order of magnitude greater, or if Binance did not employ the operational controls it did, things could have been a lot worse.

Secure your login credentials, 2FA devices, and familiarize yourself with phishing attacks

If you are technologically inclined, taking the time to implement a secure self-custody solution using hardware wallets and multisignature technology can prevent you from becoming a victim to a hack on an exchange.

If you don’t trust yourself to securely store your cryptocurrency then consider using a dedicated custody provider that offers insurance for their users, such as Coinbase Custody or BitGo.

The Binance hack is believed to have been performed by collecting the login credentials, 2FA credentials, and/or API keys of many users, likely through phishing campaigns or targeted malware.

Familiarizing yourself with common types of phishing attacks, adopting stringent operational practices surrounding cryptocurrency keys and login details, and disabling API access unless you are actively using it, are all ways in which you could prevent yourself from becoming a victim of a similar hack in the future.

Binance has been applauded for its commitment to transparency due to the timely and informative updates, quick response, the live interview conducted by CZ in the wake of the breach, and the thorough post incident report posted on the Binance website.

The information in this article is general in nature. Any advice it contains is general advice only and has been prepared without taking into account the objectives, financial situation or needs of any particular person. The article content is not intended to be a substitute for professional advice and readers are urged to seek their own appropriate advice before making decisions. Any reference to a particular investment is not a recommendation to buy, sell or hold the investment.

As a testament to Binance’s commitment to service reliability, the exchange managed to stay online and remain open for trading as the situation unfolded, only having to disable deposits, withdrawals, and resetting all current API keys as security measures.

Crypto users took notice and despite Binance’s native token BNB dropping 16 percent in the days following the hack, consumer confidence is reflected in the fact it is now trading up over 60 percent just two weeks later.


Originally published at https://www.digitalx.com.