Binance Lost Nearly $41 Million in Bitcoin in a Well-Orchestrated Hack
CYBER NEWS

Binance Lost Nearly $41 Million in Bitcoin in a Well-Orchestrated Hack

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

A cryptocurrency heist of great proportion has hit one of the major global exchanges. Binance has confirmed that it lost approximately $41 million in Bitcoin in the largest attack that has hit the company so far.

Hackers Stole User API Keys, 2FA Codes from Binance Accounts

As explained in Binance’s official statement, the breach was discovered on May, 2019 at 17:15:24 (UTC). Apparently, hackers were able to obtain a large number of user API keys, 2FA (two-factor authentication) codes, and potentially other information as well needed to log in to a Binance account.




A variety of techniques were used, including phishing, viruses and other breach methods. Binance is yet to analyze all the hacking methods that were used against them. There may also be additional affected accounts that have not been identified yet, the statement said.

Using these various methods, the atttackers breached a single Bitcoin hot wallet the type of wallet that is connected to the internet). The wallet contained about 2% of the company’s total Bitcoin holdings. The hackers were able to withdraw 7000 BTC in one single transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea.

Related:
Tech Bureau which is a well-known Japanese cryptocurrency exchange has been hacked by criminals, read more about the incident in our article
Hackers Steal $60M from the Tech Bureau Cryptocurrency Exchange.

It also appears that the hackers knew what they were doing which is obvious by the well-orchestrated actions:

The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.

What is worse is that the hackers may still have control over certain user accounts and may abuse those accounts to influence prices. The good news is that the exchange’s cold storage of offline wallets remains secure. It is indeed in offline wallets that the majority of funds are stored.

Binance’s Actions So Far

Binance quickly suspended all deposits and withdrawals on its platform for about a week. During this time, the company will review the security of its platform and will investigate the gruesome attack.

Binance will however continue to enable trading, so that its users may adjust ther positions, the statement clarified. The company also believes that with withdrawals disabled, there isn’t much incentive for hackers to influence markets.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...