Binance, the world’s largest crypto exchange by volume have had a “large scale security breach” and reportedly hackers stole more than 7,000 bitcoin through it; Binance announced about the hack on Tuesday.
As per the post, the exchange discovered the breach earlier on May 7 and found that malicious actors were able to access user API keys, two-factor authentication codes and “potentially other info,” as states by exchange’s CEO, Changpeng Zhao, said in a letter. The hackers managed to withdraw roughly $41 million in bitcoin from the exchange, according to a transaction published in the security notice.
The disclosure arrives hours after Zhao announced on twitter, that the exchange was undertaking “some unscheduled server maintenance,” writing that “funds are #safu.” Later Zhao tweeted again asserting that the exchange would “provide a more detailed update shortly.”
Will provide a more detailed update shortly. https://t.co/CCqdwtYFB5
— CZ Binance (@cz_binance) May 7, 2019
As per Zhao, the exchange hasn’t yet identified all impacted accounts. However, the statement clarifies that the breach only impacted Binance’s hot wallet, which contains roughly 2 percent of the exchange’s total bitcoin holdings. He added:
“All of our other wallets are secure and unharmed. The hackers had the patience to wait, and execute well-prepared actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.”
The announcement further states that the withdrawal triggered internal alarms and Zhao stated that the withdrawals were frozen following the discovery. The deposits and withdrawals will remain suspended for the next week, however, trading will be re-enabled, though he cautioned that “the hackers may still control certain user accounts.”
During the next week, Binance plans to conduct “a thorough security review” encompassing its systems and data. As for covering the losses, the exchange will use its Secure Asset Fund for Users (SAFU fund), ensuring the users are not impacted, as mentioned in the notice.
The SAFU fund consists of 10 percent of all trading fees absorbed by the exchange. Initially launched to protect Binance’s users “in extreme cases,” it is stored in its own cold wallet. Zhao stated on Tuesday
“In this difficult time, we strive to maintain transparency and would be appreciative of your support.”
He went on to conclude the note with stating he would participate in a previously scheduled Twitter “ask-me-anything.”
The prices of bitcoin have been responding to the news, the token dropped $290 alongside most other cryptocurrencies, which are down between 1-10 percent at press time. Binance’s native crypto, Binance Coin (BNB), is also down 8.05 percent and unable to escape the controversy from today’s news.
BNB’s price is continuing to search for a bottom after it broke from a range it had held for 18 days between $22 and $25.40, with a new all-time high at $26.44 on May 3.
Image source – Binance Twitter