Hack Brief: Hackers Stole $40 Million from Binance Cryptocurrency Exchange

Binance is one of the world’s biggest cryptocurrency exchanges. As of Tuesday, it’s now also the scene of a major cryptocurrency theft. In what the company calls a “large-scale security breach,” hackers stole not only 7,000 bitcoin—equivalent to over $40 million—but also some user two-factor authentication codes and API tokens.

Theft has long been endemic to cryptocurrency; hackers stole more than $356 million from exchanges and infrastructure in the first three months of 2019 alone, according to a recent report from blockchain intelligence company Ciphertrace. But it’s less common to see an established exchange like Binance get hacked—and for the attackers to get so much other information along the way.

The Hack

Binance has been fairly forthcoming about the hack, detailing its impact in a blog post from Binance CEO Zhao Changpeng. “The hackers used a variety of techniques, including phishing, viruses and other attacks,” wrote Zhao. “The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks.”


Recommended PRODUCTS
  • Discover why you NEVER need to do another exercise again to get the body you've always desired.
  • This file can easily help increase the sales and profits from letters in just minutes.
  • Are you frustrated that your expensive karoke player does not let you play.
  • Use these proven tactics to seduce the man of your dreams
  • Generate a steady full-time income today and scale up fast as big as you want
  • Discover A Habit Busting Program Gives You The Ability You Have Always Wanted.
  • Discover How To Use The Betfair Exchange For Profit From Only Two Hours per Day
  • Learn how you can easily create mobile apps to generate passive income.
  • Learn about the solar systems largest planet jupiter predict great red spot transit times
  • Explore the World Without Spending Much Money at All
  • ApeSurvival is all about survival and self-defense products, tips and news.
  • Reveals 1 Unusual Tip To Eliminate Excessive Sweating Forever In 48 Hours
  • Become A Sex Stud Age Does Not Matter. Satisfy Any Woman- Or Women.
  • Learn How To Attract the Man of Your Dreams And Receive A Marriage Proposal In Few Months
  • Clickbank Ads
     

    It appears that hackers were able to compromise several high-net-worth accounts, whose bitcoin was kept in Binance’s so-called hot wallet—which, unlike cold wallets, are connected to the internet—and filch those funds in a single transaction.

    Zhao says the company will conduct a security review of all its systems and data, which he expects to take about a week. In a surprising move, Binance will continue to allow trading during that time—even though hackers may still control some high-net-worth accounts—though it will disable deposits and withdrawals until it’s sure the hackers are accounted for.

    “Binance knows that they lost user credentials, that their users' 2FA got compromised, they do not know the exact extent of the attack, yet they keep trading going,” says Emin Gün Sirer, a computer scientist and codirector of Cornell University’s Initiative for Cryptocurrencies and Contracts. “This is a huge risk. Anyone can take highly risky positions, and if the trades turn sour, they can claim that it wasn't them, they were compromised by the hack.”

    Who’s Affected?

    Good question! Binance itself isn’t clear on the scope of the breach. The bad news is, if your bitcoin was in Binance’s hot wallet, it now belongs to bad guys. The good news is that $40 million comprises only 2 percent of Binance’s overall bitcoin holdings. The even better news is that the company will cover the losses out of its Secure Asset Fund for Users.

    Binance traders generally will also be affected, both because they won’t be able to deposit or withdraw their digital money and because, as Sirer notes, the uncertainty of who exactly is participating in those markets could lead to some mayhem. “Hackers may still control certain user accounts and may use those to influence prices in the meantime,” writes Zhao. “We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.”

    The more interesting question might be who could have been affected, not by the hack itself but by Binance’s reaction. The company apparently considered doing a rollback on the bitcoin network, to undo the offending transaction. They ultimately decided against it, but even the specter has implications.

    “It takes only a handful of miners who will go along with a reorg. And perhaps they wouldn't do it for $40 million, but there is a price at which they would do it,” says Sirer. “If it were to happen, it would undermine confidence in BTC, whose main claim to fame has always been security and immutability.”

    At the very least, all Binance users need to update their API keys and two-factor authentication immediately.

    How Serious Is This?

    On the face of it, maybe not so bad. Forty million is a plenty big number, but it’s only a small percentage of Binance funds, and users will apparently get their money back.

    But the fact that Binance can afford to take a mulligan doesn’t excuse what appears to be a devastatingly thorough hack. And it’s unclear whether the compromise of two-factor codes and API keys will have broader implications. Most of all, it’s the latest reminder that, for all the promise of cryptocurrency, it remains a Wild West for investors. If the price fluctuations don’t get you, a hacker, a fraud, or a scam is always just around the corner.

    Additional reporting by Lily Hay Newman.


    Original Article : HERE ; This post was curated & posted using : RealSpecific

     


    RELATED PRODUCTS
  • This file can easily help increase the sales and profits from letters in just minutes.
  • Discover why you NEVER need to do another exercise again to get the body you've always desired.
  • Generate a steady full-time income today and scale up fast as big as you want
  • Use these proven tactics to seduce the man of your dreams
  • Are you frustrated that your expensive karoke player does not let you play.
  • Say Hello to Happiness, Satisfaction and Wisdom for All of Lifes Toughest Challenges
  • Rapidly Turn Any Idea Into A Million-dollar Business In 12 Short Months...
  • Learn how to become a freight broker or freight agent in less than 30 days
  • Learn how you can easily create mobile apps to generate passive income.
  • Get the powerful tool to make over 20 million dollar from your own home improvement business
  • Roulette optimizer provides all tools you need to simulate strategies and systems.
  • Make Money Online With This Method 100 GUARENTEED.
  • 1 YouTube Secret makes you 594 a day. Click here for more details.
  • Quickly cure your acid reflux and enjoy permanent freedom from heartburn
  • Clickbank Ads
     

    Thank you for taking the time to read our article.

    If you enjoyed our content, we'd really appreciate some "love" with a share or two.

    And ... Don't forget to have fun!

    Recommended

    LetSpinio Templates [With Commercial Licence]

    Gamify your lead gen to 3X your conversions.

    ViralEngagr Messenger Shop - DS

    ViralEngagr Messenger Shop enables you pull in products from Shopify, Aliexpress, eBay, Bestbuy, Wish, Woocommerce and sell on Facebook, Messenger and Twitter without the need for a website or stores or any technical knowledge.

    Lingo Blaster

    30 Day Money Back Guarantee

    Leave a Reply