If you like what you read, feel free to share it:

Yesterday, May 7, Binance, one of the largest cryptocurrency exchanges by trading volume, experienced a security breach. The exchange got hacked and the hackers got hold of approximately 7,070 BTC

Hackers Obtain User Data

Binance CEO Changpeng Zhao immediately did a report on Binance’s inside blog explaining that the hackers were able to obtain a large number of user API keys, 2FA codes, and other info. He stresses that hackers possibly used various techniques including phishing and virus attacks. Also, he claims that there might be several other techniques that hackers used in the hack. Moreover, there still might be additional user accounts that are affected.

It looks like the hackers used only one transaction in which they transferred the stolen 7,070 BTC. CZ says that the hackers only impacted their hot wallet storage which accounts for roughly 2% of the whole Binance BTC holdings. All other Binance’s wallets are safe and intact, says CZ.

Well-orchestrated actions and patience

CZ claims that the hackers had the patience to wait and execute “well-orchestrated actions through multiple independent accounts at the most opportune time”.

“The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” reads the report.

A few tweeters got hung up on the phrase “The transaction is structured in a way that passed our existing security checks…” speculating that this might be an inside job.

Binance will use the SAFU fund to cover losses

On July 3, 2018, Binance announced its Secure Asset Fund for Users (SAFU). Binance developed this in order to offer future protection of interests of all Binance users. Binance allocates 10% of all trading fees to this fund.

However, many industry professionals and projects which are related to Binance have shown support for Binance, by offering to pay the 7,070 BTC to Binance. For example, Justing Sun, the CEO of TRON, offered personally to deposit 7000 BTC on Binance to purchase BTC, BNB, TRX, and BTT. A few tweeters interpreted this as “openly admitting to market manipulation”.

Nevertheless, Binance will lock all deposits and withdrawals for a whole week. The reason being a thorough security review. CZ says that they have to go through their systems and data “which is large”. However, trading will still be live.

Suggestion to “rollback” Bitcoin

In the early hours of this incident, Jeremy Rubin (@JeremyRubin) suggested CZ to rollback Bitcoin, in order to recover the lost funds.

CZ did a livestream explaining everything what had happened and in this livestream he discussed the “rollback” option.

Udi Wertheimer in his Twitter profile conducted a thread where he explains why this is an outright nonsense.

He says that this would cost more than the actual hack and could potentially lead to more huge transactions at risk of being double-spent. Also, many other exchanges might be impacted and this could “hurt” the Bitcoin credibility. Wertheimer explains that a day of mining costs 1,800 BTC. Most importantly he said that “this is no Binance chain with CZ signing all the blocks”. By actually trying to rollback Bitcoin, many miners would be affected and the whole Bitcoin ecosystem in general. However, CZ from Binance dismissed this idea rather quickly.

BitMex Research Twitter profile posted a 2016 Reddit thread where a rollback was discussed when hackers stole around 120,000 BTC from Bitfinex. In this thread users comment on the potential negative consequences. 

Wertheimer also reminded that previously Binance had stated that holding assets on their exchange is as safe as being in possession of ones own keys. Now we see that this statement is ridiculous and you should never store your assets entirely on an exchange. Even “SAFU” won’t help. 


Photo by Flickr