In shocking news today, leading crypto exchange Binance announced a large-scale security breach. Brazen hackers ransacked over 7000 Bitcoin, worth a staggering $40million, in a meticulously planned and unprecedented attack.
Binance has since stated that user funds are secure and that all losses are covered by the company’s SAFU fund. Their CEO briefly considered a BTC chain rollback but has now decided against it.
Binance CEO “CZ” acknowledged that the hack exposed previously unknown security weaknesses in the exchange, but was quick to assure users that all losses were covered and that stringent security measures are now in place to prevent any further damages.
He succinctly later stated in an AMA-streamed chat that like other exchanges, Binance was also “no longer a virgin”.
As “revenge”, CZ also briefly mooted the possibility of a re-org of the BTC chain, which would move fees to the miners in order to deter any future attacks. Binance finally shot down this option, explaining that the cons outweigh the pro’s and that the company would rather “own” up to their mistake.
How Binance got hacked
The hackers executed the hack by first obtaining a large number of Binance users’ API keys, 2FA codes and potential other data.
The criminals then used a complex combination of other both internal and external attacks, which included phishing and viruses, to penetrate the digital exchange’s wall. (Phishing attacks were also blamed for last month’s attacks on Electrum and Ledger Live).
The hackers withdrew their whole heist of 7000 BTC, worth an estimated $40million, in one single transaction.
Hackers “patient” – only BTC hot wallet affected
According to the company’s statement, the hackers were patient and deliberate, executing their sophisticated exit plan by connecting multiple seemingly unrelated accounts and putting the transaction through at the most opportunistic time.
Binance was unable to stop the transaction even though the withdrawal triggered a number of alarms and the exchange ceased all withdrawals immediately after.
The transaction can be viewed here:
The hackers only managed to penetrate Binance’s BTC “hot wallet” ( a wallet connected to the internet), therefore their other wallets are all secure. Still, as the hot wallet contains a significant 2% of their total BTC holdings, the exchange has suffered a loss of around $40 million at present, and they’re unsure whether additional accounts are unaffected.
CZ gives update in Ask-Me-Anything (AMA)
While this has been a devastating day for Binance, CEO Changpeng Zhao, affectionately known as “CZ”, was brave enough to do one of his AMA (“Ask-Me-Anything”) live Periscope video chats broadcasted on Twitter a few hours later where he gave a sincere update and heartfelt apology to over 2000 followers.
Zhao described the hacking incident as “not a great day” and wryly referenced an anecdote about a friend who told him that Binance is “no longer a virgin now”, alluding to the dozens of other exchanges that have suffered similar breaches in recent years.
CZ urged users to do the following:
- Change your API keys if you use one
- Change your 2FA password
Funds are #SAFU
Zhao asked users for users’ forgiveness and understanding said on Twitter that the exchange should own up to this hack as users entrust them with their funds. For the next week, Binance will halt all withdrawals and deposits while they investigate the security breach. The Binance chief also warned users that there might be some intermittent breaks in trading due to the security upgrades that the company will be rolling out.
The Binance Secure Asset Fund for Users (SAFU) was created in July 2018 as an emergency “rainy day” fund if the exchange ever got hacked, and is stocked with 10% of all trading fees to protect Binance users in extreme cases.
CZ mooted the option of rolling back the BTC network, after receiving overwhelming support from the whole cryptocurrency industry. A rollback would mean that the BTC chain would revert to the point just prior to the hack.
However, in a Twitter announcement about an hour ago, the Binance boss said that after discussing it with senior industry leaders and other exchanges such as Coinbase, they decided that this wasn’t an option and that such an action would lead to serious consequences. It could damage the already teetering credibility of the whole virtual asset industry.
“We don’t want funds”
CZ reiterated several times during his AMA chat that the company’s SAFU wallet will fully cover this “rainy day” and that Binance doesn’t need or want user donations to cover their losses.
While this hack is a significant black eye for Binance, who has publicly prided themselves for so long on their impenetrable security, it is vital and encouraging that the CEO responded so quickly and assuringly to the incident, as it seemed to steady the notoriously jittery BTC markets that usually behave very negatively to exchange hack news.
Retaliation by hackers for Craig Wright drama and BTC SV delisting?
While CZ assured users that only the Binance hot wallet was targeted, questions remain after what has been a very eventful month for the digital exchange. They launched their own Binance chain (BNB) coin in April and CZ got into a heated public argument with controversial “Fake Satoshi” Craig Wright, which ended in the delisting of BCH SV and the criticizing of Zhao’s action as heavy-handed censorship in an industry that prides itself on its libertarian and free speech values.
Both CZ and Binance are two of the brightest stars in the cryptoverse and this attack might eventually be revealed as more personal than expected.
Better cold storage and compliance needed
Only a week ago, Binance announced that they would be working with leading KYC/AML company Ciphertrace in a concerted push towards better compliance in order to satisfy expected tighter anti-money laundering regulations set by the Financial Action Task Force (FATF) later this year.
Coupled with this, Binance also released their decentralized exchange to much fanfare less than a fortnight ago. The Binance DEX allows users to connect their cold storage devices such as hardware wallets to Binance without compromising their private keys and funds.
As you may know, CoolWallet is one of the officially recognized wallet partners of the Binance DEX. We will release more information on this once the Binance DEX offers more trading pairs and starts to function at full speed.
How to protect your Binance funds
While trading continues per usual, all deposits and withdrawals have been halted by Binance, which should keep user funds safe and contained within the exchange.
In the meantime, however, it would be wise to change your Binance API keys or 2FA password, and of course, once withdrawals and deposits reopen, any serious investor should consider spreading out their portfolio across secure cold and proven storage options such as the CoolWallet S.
Also, stay posted. CoolBitX, makers of the CoolWallet S, will be unveiling a revolutionary new solution at Consensus New York later this month, that will hopefully put an end to current KYC and AML obstacles that allow these ruthless criminals to carry on looting and pillaging crypto exchanges at their whim.