A large-scale cryptocurrency heist has hit one of the major global exchanges. Binance has confirmed that it lost approximately $41 million in Bitcoin in the largest attack that has hit the company so far.
Hackers Stole User API Keys, 2FA Codes from Binance Accounts
As explained in Binance’s official statement, the breach was discovered on May, 2019 at 17:15:24 (UTC). Apparently, hackers were able to obtain a large number of user API keys, 2FA (two-factor authentication) codes, and potentially other information needed to log in to a Binance account.
A variety of techniques were used, including phishing, viruses and other breach methods. Binance is yet to analyze all the hacking methods that were used against them. There may also be additional affected accounts that have not been identified yet, the statement said.
Using these various methods, the attackers breached a single Bitcoin hot wallet (the type of wallet that is connected to the internet). The wallet contained about 2% of the company’s total Bitcoin holdings. The hackers were able to withdraw 7000 BTC in one single transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea.
The hackers also appear to have known what they were doing, as their well-orchestrated actions show:
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”
What is worse is that the hackers may still have control over certain user accounts and may abuse those accounts to influence prices. The good news is that the exchange’s cold storage of offline wallets remains secure, and it is in offline wallets that the majority of funds are stored.
Binance’s Actions So Far
Binance quickly suspended all deposits and withdrawals on its platform for about a week. During this time, the company will review the security of its platform and will investigate the gruesome attack.
Binance will, however, continue to enable trading so that its users may adjust their positions, the statement clarified. The company also believes that with withdrawals disabled, there isn’t much incentive for hackers to influence markets.