Cryptocurrency exchange Binance was the target of a major cryptocurrency exchange theft this week. Binance, a Taiwan-based company, is the world’s largest cryptocurrency exchange. Malicious actors were able to steal 7,000 bitcoin (equivalent to $40 million), two-factor authentication codes, and API tokens.
“Have to perform some unscheduled server maintenance that will impact deposits and withdrawals for a couple hours.”
Binance was transparent about the attack and disclosed it in a blog post the same day, saying that attackers were able to steal 7,000 BTC in one transaction. The affected wallet is their BTC hot wallet, which holds just 2% of their bitcoin. Further, no other wallets were attacked, and they remain secure.
Attackers used several methods to try to get into their systems, including spreading viruses and using phishing techniques. Binance called the attack very well thought out because the hackers took their time in executing the attack.
Binance stated in their blog:
“The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”
At this time, Binance plans to conduct a full security review of all systems and data, which should take one week. Further, Zhao explained on Twitter that the company does not plan to roll back the bitcoin blockchain in a ‘re-org approach’, listing the cons of taking this approach as:
“cons: 1 we may damage credibility of BTC, 2 we may cause a split in both the bitcoin network and community. Both of these damages seems to out-weight $40m revenge. 3 the hackers did demonstrate certain weak points in our design and user confusion, that was not obvious before. cons: 4 While it is a very expensive lesson for us, it is nevertheless a lesson. it was our responsibility to safe guard user funds.”
Binance does plan to cover the lost bitcoin with the SAFE fund (Secure Assets Fund for Users). Users will not experience any financial loss due to this.