Binance has lost $41 million in Bitcoin to Hackers
A large scale security breach has occurred on Binance
Details of a security breach are emerging on the popular cryptocurrency trading platform Binance, read their official update here.
Binance discovered a large scale security breach today, May 7, 2019 at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks.
The hackers were able to withdraw 7000 BTC in this one transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea
So how much is 7,000 Bitcoins? Well it’s around $40.7 Million dollars.
Unfortunately for cryptocurrency trading platforms, these occurrences are only too common. The disclosure comes hours after Zhao tweeted that the exchange was undertaking “some unscheduled server maintenance,” writing that “funds are #safu.”
Highly Coordinated Attack
“The hackers had the patience to wait, and execute well-prepared actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.”
Binance temporarily had their BTC hot wallet compromised only (which contained about 2% of their total BTC holdings). All of our other wallets are secure and unharmed.
It’s a bit scary though. Binance is the highest volume cryptocurrency trading platform. The withdrawal triggered internal alarms after it was executed, and Zhao said the exchange froze withdrawals following the discovery. While deposits and withdrawals will remain suspended for the next week, trading will be re-enabled, though he cautioned that “the hackers may still control certain user accounts.”
- Binance will conduct “a thorough security review” encompassing its systems and data during the next week.
- Binance will use the #SAFU fund to cover this incident in full. No user funds will be affected.
- How much this attack will mean Binance loses credibility is still yet to be determined. $40.7 million is not nothing.
CZ will be doing an AMA (Ask Me Anything) tonight in a few hours.
This incident is likely to be one of the topics of discussion.
This is Binance’s largest hack to date.
Meanwhile Crypto funding has recently been banned on WeChat. The hack comes at an inopportune time for the exchange, which is preparing for the public launch of a fully decentralized version of its services.
“We must conduct a thorough security review,” CZ wrote. “The security review will include all parts of our systems and data, which is large.”
It’s a surprise for Binance and could possibly be a difficult time, though Binance does strive to maintain transparency and is appreciative of your support for it.
Luckily, Binance’s CEO, CZ claims no users will be effected by the hack, and that the lost funds will be covered by the Secure Asset Fund for Users (SAFU) set up last year.