How the Binance DEX Community Shuts Down Hackers
On October 11th, we issued a warning on Twitter and TG to not use Safu Wallet as we discovered it contained malicious code. It took about one hour from when a whitehat hacker named B shared his findings to this being announced in official Binance DEX channels. It was then subsequently taken down from the Chrome store. The Binance DEX community moved incredibly fast to shut the hackers down.
This was quite a sophisticated attack. The hackers built a real and functional wallet that worked similar to MetaMask. The value proposition was a Binance Chain only wallet that would support all the functions of the chain (like freezing/unfreezing tokens, multi sends, time locks, etc.) directly on your desktop, iPhone, Android, or browser. This allowed them to start targeting Binance DEX users to install the Safu Wallet extension from the Chrome store.
We could find no evidence that the early version of the wallet had any malicious code during review. Users who used the early version did NOT have their funds drained and were able to safely move it out. We believe the hackers carefully tracked the installations of their wallet to push an update with the malicious code to the Chrome store.
“It’s entirely possible that Safu was a legit wallet for the first releases but decided to push an update to the store recently, in order to trick the review process at first and once passed do this.”
— B
It was a great effort from many individuals and organizations to quickly eradicate these hackers. The mission was simple: to protect the Binance DEX community from losing any funds and shutting the hackers down. Special thanks to whitehat hacker named B who was doing god-like code reviews, Ouriel Ohayon from ZenGo for his security expertise, Leo Cheng from Machi X and a key member of the Mithril (first Binance Chain project) Council for his viral TG post to warn people, Cluster Capital (one of our earliest supporters) for rolling up their sleeves working to shut the hackers down, and the Binance team for being so responsive to handling the situation.
Word got out quickly to warn the community about Safu Wallet and to shut the hackers down:
https://community.binance.org/topic/1983/safuwallet-scam-do-not-use
https://usethebitcoin.com/warning-safu-wallet-allegedly-steals-users-data/
https://coingape.com/hack-alert-safu-wallet-malicious-binance-warns-community-members/
The Safu Wallet hackers were directly attacking Binance DEX users and RAVEN holders. This speaks volumes about the monumental rise and adoption for Binance Chain and Binance DEX since it launched in April. Over 130 assets have been issued on the chain and these hackers were definitely after them.
Being a top project working on a deep technical problem with a large active community means our holders were targeted.
We are not okay with that. We want to make sure you are taken care of. After careful discussion, the Raven team has decided to set out some RAVEN from the ecosystem tokens to compensate those who lost their RAVEN from the Safu Wallet hackers.
If you believe to have lost RAVEN, please fill in this Google form before the deadline of Oct 21, 2019 0:00am UTC. Submit necessary evidence such as transaction hash, address, email address, and telegram username.
We will then review all the submissions and make a decision on a case by case basis.
Want to talk to the founders of Raven?
Drop us an email: founders@ravenprotocol.com
Join us on Telegram: t.me/ravenprotocol
Join Official Announcements: t.me/raven_announcements
Follow us on Twitter: twitter.com/raven_protocol
Get RAVEN on Binance DEX: binance.org/en/trade/RAVEN-F66_BNB
