Pierluigi Paganini May 08, 2019

Hackers steal $41 Million worth of Bitcoin from Binance, one of the world’s largest cryptocurrency exchange

The hack of another cryptocurrency exchange made the headlines, hackers steal $41 Million worth of Bitcoin (over 7,000 bitcoins) from Binance.

Binance is one of the world’s largest cryptocurrency exchanges, its founder and CEO Changpeng Zhao confirmed that the hackers stole the bitcoins from a hot wallet that contained roughly 2 percent of the exchange’s total holdings. The good news for the customers is that its Secure Asset Fund for Users (SAFU) emergency insurance fund will cover the incident in full. According to Zhao, the attack was particularly sophisticated and attackers used multiple techniques to gain access to the platform, fortunately no other wallets were accessed by the hackers.

“We have discovered a large scale security breach today, May 7, 2019 at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.” reads a data breach notification published by Binance.

“The hackers were able to withdraw 7000 BTC in this one transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea“

The hack was discovered on May 7, when attackers have obtained a large number of user API keys and two-factor authentication codes. The data breach notification adds that attackers leveraged phishing, malware and other techniques to steal the funds in a well-orchestrated attack.

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” Zhao added. “It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”

Binance is investigating the incident and is conducting a thorough security review of its systems. The process will take about one week during which the company will provide updates frequently and as temporary measure deposits and withdrawals will be suspended.

“We will continue to enable trading, so that you may adjust your positions if you wish. Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime.” concluded Zhao. “We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets,”

According to Zhao, other exchanges, including CoinBase, will block deposits from the bitcoin addresses used by the hackers in the attack.

Binance is only the last cryptocurrency exchange in order of time to suffer a security breach. Hackers managed to steal a total of hundreds of millions of dollars from several platforms, including Bithumb, Bitfinex, Coinrail, Coincheck, and Zaif.

Pierluigi Paganini

(SecurityAffairs – Binance, Bitcoin)

[adrotate banner=”5″]

[adrotate banner=”13″]