Hackers Steal Around $41 Million in Bitcoin from Binance
Hackers have stolen almost around $41 million in bitcoin from the crypto exchange Binance.
In a report dated May 7, 2019, Nikhilesh De of CoinDesk writes, “Hackers stole more than 7,000 bitcoin from crypto exchange Binance, the world’s largest by volume, the startup reported Tuesday.”
Binance announced, through a security breach update the discovery of the “large scale security breach”. The breach update says, “We have discovered a large scale security breach today, May 7, 2019 at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info.”
Binance has clarified that the hackers used different techniques including phishing, viruses etc and that they are using all possible methods to identify other affected accounts, if any. The hackers managed to withdraw 7000 BTC in one transaction, which according to the security breach update, is the only affected transaction. The breach had impacted Binance’s BTC hot wallet only; the hot wallet contained about 2% of the exchange’s total BTC holdings. None of the other wallets have been impacted, as per the statement.
The security notice explains how the breach happened; it says- “The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks.”
“It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that, ” the notice further says.
Binance would be conducting a thorough security review, which would include all parts of the exchange’s large network and data. The estimate is that it might take about a week for the review to be completed. Meanwhile, deposits and withdrawals would remain suspended, though trading would be enabled.
The Binance statement adds, as a word of caution, “Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime.”
“We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets, ” the official statement reassures.
It has been clarified that no user funds would be impacted and that the exchange would use its SAFU (Secure Asset Fund for Users) fund to cover the losses incurred. The SAFU fund, which consists of 10 percent of all trading fees that the exchange absorbs, is stored in its cold wallet.
The security breach at Binance has had its impact on the cryptocurrency market itself, with drops being registered for bitcoin, Litecoin, ether and also Binance’s native crypto BNB. The CoinDesk report says, “Prices have so far responded with bitcoin, the world’s premier cryptocurrency, dropping $290 alongside most other cryptocurrencies, which are down between 1-10 percent at press time…Litecoin and ether both experienced between 4-6 percent losses while bitcoin managed to resume in the green, thanks largely to its bullish rally yesterday that saw prices reach as high as $5,972 on the Coinbase exchange.”
“Binance’s native crypto, Binance Coin (BNB), is also down 8.05 percent and unable to escape the controversy from today’s news. BNB’s price is continuing to search for a bottom after it broke from a range it had held for 18 days between $22 and $25.40, with a new all-time high at $26.44 on May 3,” the report adds.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.