- Binance hot wallet hacked; 7000 BTC stolen
- The exchange has stopped all deposits and withdrawals until the investigation is complete
- The loss will be recovered from the SAFU fund, that solely originated for scenarios like this
- CEO Changpeng Zhao stated that the company will not issue a rollback which was previously being demanded by the Bitcoin community
Ever since the origin of cryptocurrency trading, there have been numerous incidents of exchanges falling prey to the hands of notorious hackers. Earlier today, Binance, the world’s no. 1 exchange by volume and the most popular exchange among cryptocurrency enthusiasts reported that a group of hackers was able to breach the exchange’s security and gain access to a lot of sensitive user information. The group also stole 7000 BTC, worth around $40 million, from the exchange’s hot wallet.
Binance is considered one of the most trusted and secure exchanges and nobody expected such a mishap to materialize.
CEO Changpeng Zhao made an announcement on twitter right before the details were published that “unscheduled server maintenance” was underway.
The report revealed that the hackers were able to obtain user API keys, two-factor authentication codes (2FA), and other sensitive user information. At present, the exchange can’t shed any light on how many of the accounts have been affected but the exchange claims that the hackers used a variety of attacks including phishing and a severe malware attack to carry on the hack. The Report stated that:
“Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”
Not the best of days, but we will stay transparent. Thank you for your support!https://t.co/Y1CQOatEpi
— CZ Binance (@cz_binance) May 7, 2019
Justin Sun, CEO of TRON, extended his support to Binance. He tweeted:
— Justin Sun (@justinsuntron) May 8, 2019
Binance CEO replied saying that he really appreciates the help but as of now the exchange will cover all the losses from “the #SAFU fund” which is sufficient enough.
Thanks for the support, really appreciate it. But currently no need. We will cover the loss from the #SAFU fund, there is enough. We are hurt, but not broke.
We are working hard to resolve the issue, so that everyone can deposit and withdrawal again. Will take some time. https://t.co/0j4J0fk99W
— CZ Binance (@cz_binance) May 8, 2019
What is the #SAFU Fund?
SAFU stands for Secure Asset Fund for Users. The company started allocating 10 percent of its trading fees every month since July last year to the SAFU fund to tackle emergency situations like this one. The firm hasn’t revealed any information as to how much there is in the recovery fund, but the company says there is enough to recover from the $40 million loss.
So what happens now?
As of now, the exchange has stated that deposits and withdrawals will remain suspended until the company completes their thorough investigation.
To clearly answer various questions regarding the hack, Zhao held a twitter ask me anything session where he shared more details of the hack and mentioned that the attack was very advanced and the hackers were very patient.
The company is currently working with other exchanges like Coinbase to block deposits from the hacked addresses. The complete process before deposits and withdrawals will resume can take up to one week as they need to “make sure” they “completely eradicate any trace of hackers” in their accounts and data. The CEO urged users to change their API keys and two-factor authentication immediately for better security.
As a response to the questions about issuing a rollback, the chief officer said that there are various concerns to do a rollback on the Bitcoin network on a large scale and there may be various negative consequences as well. Later on, he tweeted:
— CZ Binance (@cz_binance) May 8, 2019
Are Decentralized Exchanges the Answer?
Binance recently launched its decentralized exchange called the Binance Dex ahead of schedule and had various major developments like the launch of their very own blockchain network called Binance Chain. Their native token BNB migrated from the Ethereum platform and now runs on the company’s own blockchain.
Also, this wasn’t the first time an exchange was hacked this severely, as previously reported by Blockchain Reporter, New Zealand-based cryptocurrency exchange Cryptopia was hacked this January where firm lost $2.5 million worth of ether.
Similarly, in 2018, crypto exchange CoinCheck recorded a gigantic loss of $533 million to hackers.
It is hereby proved that the security of these exchanges is still not up to the level where they can prevent attacks like this. If your exchange has been hacked, here are a few tips that can help you figure things out. It is strongly advised to use cold wallets to keep your digital assets safe and secure.