News

Binance Hacked: $40 Million worth of Bitcoin stolen but funds are SAFU

The world’s largest cryptocurrency exchange Binance has been hacked. On May 07 2019: Binance, has suffered a large scale security breach where the hackers managed to stole around 7000 Bitcoin which is worth more than $40 Million USD at current price. The hack occurred at an inappropriate time for the exchange and it appears to be its largest hack to date. Nonetheless; the company promises to cover the Bitcoins lost in hack.

As like every exchange hacks; the breech was announced on Twitter as an “unscheduled server maintenance”. It alarmed a number of Twitter users and many kept messaging Binance’s CEO asking if the exchange is actually hacked.

Well, shortly after that Tweet Binance founder made anther Tweet with message “Not the best of days, but we will stay transparent. Thank you for your support!” providing a more detailed report on the hack event.

Binance Hack

According to the official statement released by Binance’s CEO Changpeng Zhao: “About 2% of Binance’s BTC holdings were affected”. The statement reported that the exchange has experienced a security breech where the hackers withdrawn 7000 BTC ($40 Million) in a single transaction.

Transaction Hash of the hack involving some 7000 Bitcoins: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea

The report states that “The hacker waited patiently and executed well organized actions through multiple independent accounts at the most appropriate time. The transaction is arranged in such a way that it passed all our existing security checks”. It was unfortunate for them to block the withdrawal before it was executed. However once the withdrawal was executed; various alarms in their system was triggered and as a result they immediately stopped all withdrawals.

The hacker used variety of techniques over a long period of time including virus, phishing and other attacks to hack the Binance wallet. While they couldn’t stop the hack; Binance traced the theft and reported that only a single account was affected by this attack and it is Binance’s hot wallet. It accounts for about 2% of the exchanges Bitcoin holdings.

Hot wallet is a wallet that is connected to the Internet where the exchange seems to hold funds to manage their day to day trading operations. Apart from hot wallet; the hacker were not able to access any cold wallet (offline storage where the majority of coins are kept). Also none of the users wallets were affected directly – the exchange reported.

Note on 2FA and users login credentials

In addition to stolen BTC the statement also reports that the hacker obtained a large number of users 2FA codes, API keys and other potential information which are required to login to Binance account.

The exchange warned that “hackers might have control over certain user accounts and might use them to influence prices”. The exchange does not know how many user accounts were exactly affected by this which can only be known after conducting a thorough security investigation. For now it is recommended that you change your password and make sure to enable Google 2 factor authentication for your account.

Funds are SAFU

The company clearly mentioned that none of the users are affected by this hack so you don’t have to worry about your coins. All wallets are secured and Binance will cover the Bitcoin loss in full. Though many are ready to support Binance the company stated that it will cover the loss without any help.

Binance seems to maintain an emergency account for such events which is dubbed as SAFU (Secure Asset Fund for Users) account. It was setup last year and the exchange mentioned that they will use SAFU account to cover the stolen Bitcoins.

While this is a good news; the bad news is that all withdrawals and deposits will be suspended for about a week until the investigation is over.

Binance mentioned that they will conduct a security review analyzing the whole system in detail which is a huge process that is estimated to take about a week. The company wants to completely eradicate the trace of hackers and also wants to ensure that going further no such attacks occur. Also the Binance team is currently working with several other exchanges to block deposits from the hackers BTC address. During this period; withdrawals and deposits will be frozen. However trading is not affected. You can trade as usual and the trading will remain open for all users. Only the withdrawals and deposits are halted.

Binance hack update

Even though Binance quickly responded to the hack and was very much transparent about the unpleasant event; a dramatic event like this always reminds us one thing:

“Not your keys, not your Bitcoin”.

Private keys should be under the control of the individual holder.

Currently Binance team is working on security review to find out what went wrong and what can be done to get the issue resolved.

In the meantime, CZ (CEO of Binance) stated that they will continue the scheduled Twitter Ask Me Anything as planned.

Twitter Updates:

What do you think about this hack? Do share your thoughts in the comments section.

Tags
Show More

coinguides

We are crypto enthusiasts and our main intention with Coin Guides is to educate people about Cryptocurrency and Blockchain technology. We regularly publish content about Bitcoin, Ethereum, Altcoins, wallet guides, mining tutorials and trading tips.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close
Close