Binance Loses 7070 BTC in a Major Security Breach
Upon discovering a large-scale security breach, Binance shut down deposits and withdrawals on the 7th of May, initially describing it on the Twitter account of the exchange’s CEO as “unscheduled server maintenance.”
Have to perform some unscheduled server maintenance that will impact deposits and withdrawals for a couple hours. No need to FUD. Funds are #safu.
— CZ Binance (@cz_binance) May 7, 2019
Soon after, however, the Binance team announced that a large number of API keys, 2FA codes, and other information had been compromised, which led to the unauthorized withdrawal of 7070 BTC from their hot wallets. They proceeded to shut down the deposit and withdrawal functions for the exchange, but not before the hackers managed to withdraw the funds.
After spending the entire night working away on the issue, the CEO of Binance, CZ, went on with his pre-scheduled AMA session on Twitter, and the first thing he addressed was this security breach.
He said: “As you already know, we had a security instance yesterday, and I think the blog post pretty much explains it all. It’s basically a very advanced persistent hacking effort, they (the hackers) used both external and internal efforts to trap a lot of phishing information and get a lot of user accounts. It’s probably the most advanced effort, and the hackers themselves were very patient. They didn’t move as soon as they have one account, they waited until they got a large number of high net worth accounts. It’s very unfortunate that our security measures were not able to stop that withdrawal which cost us 7070 BTC, roughly about $40 million USD right now. The lost funds will be covered from the SAFU fund.”
“Right now…” – he adds, “… our main priority is to remove any trace from the hackers within our accounts and system. That is a very lengthy and work-intensive process, and unfortunately, we will not be able to activate deposits and withdrawals in the meantime. We just want to make sure everything is safe. Our estimations are that it will take about a week to make sure everything is done correctly.”
If you are a Binance user
Make sure to reset both your API keys and your 2FA codes by disabling and enabling them, as recommended by the Binance team and CEO. Resetting them invalidates any keys or 2FA secrets that may have been captured, so they cannot be reused in future attempts.
The industry stays united
After the incident, several exchanges and industry figures, including TRON’s Justin Sun and Coinbase, reached out to Binance pledging their support in reimbursing the victims.
Binance’s CEO explained that he is grateful for the support, but that the exchange has all of the necessary funds in its Secure Assets Fund for Users (SAFU) and will use them to repay all of the affected users.
The exchanges pledged not to accept the Bitcoin associated with the transaction, essentially nullifying the hacking efforts. It’s very important that the industry stays united against hacking and theft, as it has demonstrated here, because that adds to the security and legitimacy of cryptocurrency.
Brief discussions about a possible reorganization of the Bitcoin blockchain resulted in the unanimous understanding of the difficulty of the endeavor and the severe stress that would be placed on the Bitcoin community, as well as the potential for inadvertently forking the staple currency of the overall crypto community. As such, the decision was made to forgo any effort into pursuing the re-org of the Bitcoin blockchain.
After speaking with various parties, including @JeremyRubin, @_prestwich, @bcmakes, @hasufl, @JihanWu and others, we decided NOT to pursue the re-org approach. Considerations being:
— CZ Binance (@cz_binance) May 8, 2019
While the hackers’ success did hurt Binance, the exchange is well equipped to survive a catastrophe such as this one. The loss is certainly painful for the exchange, but the hackers can expect pain of their own: the funds they managed to steal will be frozen the moment they land on an exchange, regardless of the length of the chain of transactions or the amount of the transaction.
As such, the stolen funds are rendered useless, and are most likely to be used in trades with unsuspecting investors who are looking to enter the cryptocurrency scene with a significant OTC deal.
On the Binance side of things, Changpeng Zhao explains that Binance is hurt, but not broke. The exchange will return all of the stolen funds to the affected accounts and users. In addition, it will continue to pursue philanthropic ventures through its charity foundation, and CZ promises to proceed with the personal donations that he has pledged to various causes.
All in all, it seems that Binance is handling this blow extremely well and professionally, keeping its status as a leader in the exchange market stable. The week-long hold on deposits and withdrawals will hurt its business, but with the trading features enabled, Binance will only miss out on new traders coming to the platform. Existing clients are able to manage their portfolios and positions without any issues.
We will continue to monitor the situation and provide you with updates on the developments.