Binance has experienced a ‘large scale’ hack that resulted in 7,000 BTC (around $40 mln) stolen from the exchange. All withdrawals are halted until the Malta-based crypto giant deals with security concerns.
Binance loses $40 mln, 2 percent of its BTC holdings
The fact that Binance, the biggest exchange by trading volumes, is not immune to hackers sent shockwaves around the crypto community. The news even appeared on the front page of Bloomberg terminal.
Sometimes when I step back and think, am amazed by how crypto industry news has become mainstream and white glove finance news.— Su Zhu (@zhusu) May 8, 2019
Binance hack has made it to Bloomberg terminal front page, featuring along-side reportings on central bank activities. pic.twitter.com/LsDggluwcr
The official statement, which was published by Binance shortly after the security breach, was detected, reveals that hackers stole the victims’ API keys and 2FA codes. Hence, they managed to steal 2 percent of the exchange’s BTC holdings that weren’t stored in cold wallets. In order to pull off this highly advanced attack, the bad actors used different sophisticated techniques that involve phishing and viruses.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” the statement read.
Withdrawals are halted, but Binance will cover the losses
“Right now, our main effort is focused on rebuilding and recovering the system. Unfortunately, before we finish that, we won’t be able to release withdrawals,” said Binance CEO Changpeng Zhao during his Twitter live stream. He also added that they would conduct a couple of system upgrades that will halt trading during the upcoming weeks.
CZ recommends its users to change their API keys and re-enable 2FA authentification.
He praises other exchanges and projects that gave him the helping hand, including Tron and Coinbase. Tron CEO Justin Sun offered to deposit $40 mln of his own money to the embattled exchange. However, Bitnance states that all losses will be covered with the help of their secure funds for users (SAFU).
A potential Bitcoin rollback shocks the community
During the aforementioned live stream, CZ suggested that he might also ask miners to rollback chain in order to recover the stolen funds. As expected, that didn’t go well with the Bitcoin community that has been opposing mining centralization for a long time.
The fact that miners are even able to plot large reogrs is a huge slap in the face to Bitcoin’s core ideals. It makes everyone question the coin's security and centralization.
There won’t be a reorg to recover the Binance funds. It’s too hard to pull off successfully and too risky for pools to attempt it.— Samson Mow (@Excellion) May 8, 2019
Dear @cz_binance please stop considering an attack on the bitcoin blockchain to fix your mistakes. We don't do rolbacks here. Perhaps consider adding an option to your platform for users to designate their funds for 100% cold storage with manual withdrawal review.— WidespreadBTC (@WidespreadBTC) May 8, 2019
The fact that this is even possible is highly concerning and makes me question Bitcoin’s security model like I never have before.— Chris Blec (@ChrisBlec) May 8, 2019
CZ does recognize the potential danger of the network reorganization, claiming that they will consider it ‘very, very carefully. ’ Still, the fact that a single party can consider a rollback that will potentially disrupt the markets is an undeniably bad sign for Bitcoin.
Little effect on the BTC price
After the Binance news, the Bitcoin price immediately plunged to the $5,795 level, but it quickly rebounded. At the time of writing, BTC is trading at $5,874.70.