- Binance lost $41 million in Bitcoin following a highly coordinated attack from particularly patient hackers.
- The hackers stole 2FA credentials and API keys and waited for the right time to hit.
- The loss is reversible, but not without drawbacks, as Binance will need to cover the damage for the affected users.
Binance saw more than 7,000 Bitcoins fly off their platform and into hackers’ pockets, suffering an impact of about 2% of their total cryptocurrency holdings. The incident occurred yesterday afternoon, and while the withdrawal raised alarms, the transaction couldn’t be blocked before it was concluded. According to the official statement, the hackers had obtained a large number of user API keys and two-factor authentication codes and then waited for the right time to wipe the wallets clean in a thoroughly orchestrated and highly coordinated effort. According to Binance, all other wallets are secure and unharmed.
The hackers exhibited patience, executing their planned actions through multiple accounts that were seemingly independent. When the most opportune time came, they launched their attack, overruled the security checks that are in place, and stole what is the equivalent of about $41 million in cryptocurrency. Binance states that they will need about a week before they can draw safe conclusions about the full effect of this attack, as they need to conduct a thorough investigation. During this week, all deposits and withdrawals will remain suspended, so users of the biggest cryptocurrency exchange platform in the world will need to be patient for a while.
Those who have lost their precious Bitcoins should not fall into despair. Binance is a reliable platform and one of the reasons backing this trust is its “Secure Asset Fund for Users”, or SAFU. This is an emergency insurance fund that was created by allocating 10% of all trading fees since last summer, meant to support users and their funds in extreme cases. The SAFU fund is stored in a separate cold wallet, and will now be used to cover the losses of the users who had their wallets emptied. The decision was taken and announced on Twitter by the CEO of Binance, Changpeng Zhao.
Thanks for the support, really appreciate it. But currently no need. We will cover the loss from the #SAFU fund, there is enough. We are hurt, but not broke.
We are working hard to resolve the issue, so that everyone can deposit and withdrawal again. Will take some time. https://t.co/0j4J0fk99W
— CZ Binance (@cz_binance) May 8, 2019
Still, the company doesn’t know how many users were affected, and neither do they know how many accounts are still held by hackers. Because the cryptocurrency prices can still be influenced by them in the meantime, all withdrawals will remain disabled to remove the incentive for the hackers. The team will be monitoring all activities in order to figure out if there is a suspiciously coordinated activity connecting seemingly independent accounts again, so hopefully, the order will be restored soon. Binance also considered a rollback, but they will most probably not do it because that would damage the credibility of Bitcoin. As the Binance CEO stated, they will accept the situation as a very expensive lesson for them, as it was their responsibility to safeguard the user funds.