Binance Suffered a Hacker Attack: 7000 BTC Stolen
On Wednesday 8th May, Binance released a statement explaining that the exchange had been hacked. The attack took place the previous day and allowed the hackers to obtain a large number of API keys and 2FA codes, and potentially other information as well.
Thanks to this information they were able to withdraw 7000 BTC with a single transaction.
The attack was carried out according to a well-orchestrated plan, through multiple apparently independent accounts, at the most opportune time. The transaction was structured in such a way that it passed Binance's existing security checks. The statement also explained that the attack involved only one of Binance’s Bitcoin hot wallets, which held only 2% of the BTC owned by the exchange.
Because the transaction passed those security checks, it could not be blocked before it was executed. Once executed, however, the withdrawal triggered several alarms in Binance's systems, and all withdrawals were subsequently suspended.
After the incident, the team launched a security review covering all parts of its systems and data. During this phase, all deposits and withdrawals must remain suspended.
The day after the theft, the company Coinfirm placed the address to which the stolen bitcoins were initially sent under observation, which revealed a series of transactions to other wallets. In particular, the first two transactions sent 1214 BTC to two new addresses, and these were followed by further transactions to other wallets. The hackers appear to be trying to cover their tracks through continuous movements across dozens of different wallets. This makes the coins increasingly difficult to trace and easier to move to other exchanges to be sold.
After the theft was discovered, a strange proposal to recover the stolen Bitcoins immediately began to circulate: an invalid transaction that would invalidate all the blocks mined after the theft. In particular, the supporters of the proposal suggested creating a transaction of 0 BTC from the address from which the 7000 Bitcoins were stolen, with 7000 BTC entered as fees, which would be collected by the miners. The stolen Bitcoins would thus be taken away from the thieves and distributed to the miners, while nothing would change for Binance, because the stolen money would not come back in any case.
Bizarre proposals aside, the CEO CZ reassured all the users involved, specifying that they will be refunded in full by drawing on the so-called SAFU fund. If the promise is kept, all Binance users (including LSK owners) will be able to feel comfortable about the future of their currencies.
A possible solution to this type of attack is offered by decentralized exchanges (such as the one that EliteX is developing, which we discussed in this article). In that case there is added security, because users can trade directly from their own wallets, maintaining direct control of their private keys and therefore of their digital assets.