Binance, the biggest cryptocurrency exchange, has seen 7,000 BTC stolen from its hot wallet in what the exchange described as a “large scale security breach” late on Tuesday night. Binance CEO Changpeng Zhao (CZ) was quick to announce that no users have lost funds and that the Binance #SAFU fund will cover the loss. Binance was known as one of the most secure exchanges in the cryptocurrency space, but has long been a target for hackers given the large amounts of money the exchange holds in hot wallets. As a result of the hack the exchange has suspended withdrawals and deposits for a week, although trading can continue.
“Very Advanced, Persistent” Hack
The alarm was first raised when CZ posted on Twitter that Binance was down for “unscheduled maintenance”, which is a phrase that sends many a crypto lover’s heart racing, and indeed it didn’t take long for some to note the possible reason:
Got anything to do with the 7000 BTC that left the hotwallet in one transaction?
— sajklan aka psygam₿ler ⚡️ (@sajklan) May 7, 2019
This proved to be a prophetic response, as some four hours later the announcement came that a complex and sophisticated attack had taken place on the platform, with the 7,000 BTC able to be withdrawn in one transaction before the alarms were triggered. The statement highlighted some of the methods used in the attack:
Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used.
The statement adds that, unlike hacks on other exchanges, all the lost funds are covered by the exchange’s insurance fund and that all user funds are safe, with CZ taking to Twitter again to conduct and AMA to answer user questions. In the AMA he states that the attack was a “very advanced, persistent hacking effort” that used “both internal and external methods to…get a lot of user accounts”. Given Binance’s levels of security, the scale of the attack and the amount of work behind it must have been immense.
Reorg is a No Go
Justin Sun, CEO of Tron, once again showing his incredible knack for self-promotion, offered to buy $40 million worth of his own tokens on the platform in order to “support Binance”, which led to appropriate ridicule. More genuine offers of support came from some who suggested that a ‘reorg’ of the blockchain, which essentially involves conducting a 51% attack on the network, could reversing the withdrawal. While this process might have resulted in the return of some if not all of the stolen funds, there are technical and moral issues to take into consideration with a reorg, with these considerations being the reason behind Bitfinex’s decision not to conduct a reorg after their hack in 2016. CZ acknowledged these difficulties when discounting the option:
After speaking with various parties, including @JeremyRubin, @_prestwich, @bcmakes, @hasufl, @JihanWu and others, we decided NOT to pursue the re-org approach. Considerations being:
— CZ Binance (@cz_binance) May 8, 2019
Muted Market Response
The markets responded negatively to the news, with the market cap given a $6 billion haircut and the price of BTC dropping by $200, but a recovery was soon underway and the impact seems to have been minimal. If this news had come six months ago, rather than at a time when the market is generally bullish, the results could have been disastrous for the markets. With Binance semi-disabled for a week we might see some interesting market action in the coming days, especially with Consensus coming up, as users await more information that is sure to come in the following days.