The attackers succeeded in hacking Binance , one of the largest cryptocurrency exchanges in the world in terms of daily trading, as well as one of the safest sites.
Basic facts about hacking the Binance exchange and its consequences:
- The amount of stolen funds amounted to 7,000 military-technical cooperation, or a little over $ 42 million (according to the exchange rate at the time of this writing).
- Only the hot wallet of the exchange suffered, all the others are safe.
- Reimbursement of user funds will come from the exchange’s own stock.
- Input and output will be suspended for one week – the time of the internal security audit. In this case, trading will work in the normal mode.
- At the time of this writing, the price of BNB – the inner coin of the exchange – suffered a 10 percent drop.
Below is the translation of the official exchange statement :
“Today, May 7, 2019, at 17:15:24, we discovered a large-scale breach in the security system. Hackers managed to gain access to a large number of user API-keys, 2FA-codes and possibly other information. They used a variety of techniques, including phishing, viruses, and other attacks. At the moment we are still defining all the possible methods that they used. It is also possible that there are other affected accounts that have not yet been identified.
Hackers managed to withdraw 7000 PTS with this single transaction:
https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea
This is the only transaction affected. She influenced exclusively our hot wallet (it was about 2% of the total number of military-technical cooperation, which we store). Our other wallets are not affected and are safe.
The hackers were patient and acted according to a well-thought-out plan, using accounts that were not related to each other, at first glance, at the most successful time. The transaction structure allowed her to pass our existing security checks. Unfortunately, we failed to block the withdrawal in a timely manner. After it was implemented, numerous alarms were triggered in our system. Immediately after that, we turned off the withdrawal function.
Binance uses #SAFU to fully cover the damages associated with this incident. User tools will remain unharmed.
We need to conduct a thorough security review. It will affect all the components of our systems and data – this is a huge amount. According to our estimates, this procedure will take approximately ONE WEEK. In the course of verification, we will constantly keep you informed.
More importantly, the deposit and withdrawal functions will have to REMAIN OFF for the period. In such a difficult situation, we hope for your understanding.
Trading will continue so that you can adjust your positions if you wish. Please also pay attention to the fact that attackers can still control certain accounts and use them to influence the value of assets. We will closely monitor the situation. However, we believe that since the withdrawal function is inactive, hackers have no particular motivation to influence the markets.
At this difficult time, we strive to maintain the transparency of our actions and will be grateful for your support. ”
Publication date 09/05/2019
Share this material on social networks and leave your opinion in the comments below.
