Binance, the world’s largest cryptocurrency exchange by trading volume and the exchange behind Binance Chain, has been hacked. According to a statement from Changpeng Zhao, the CEO of the fluid exchange, attackers managed to slip away with 7,000 Bitcoins (BTC) or roughly $42 million in fiat terms. This is the first time the exchange has been hacked, barely two years after launch.
The 7,000 BTC Heist
Binance discovered the hack on May 7, 2019 at 17:15:24 (UTC) revealing that the attackers “used a variety of techniques, including phishing, viruses and other attacks” to “obtain a large number of user API keys, 2FA codes, and potentially other info.” In response, the exchange is weighing on different avenues to prevent transaction break-down and dissipation. The hack came a few weeks after Binance partnered with CipherTrace, a sought after blockchain analytics company.
“We have discovered a large-scale security breach today, May 7, 2019 at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.”
Even though hackers managed to get away with 7,000 BTCs from the exchange’s hot wallet, Changpeng Zhao is assuring clients that all other digital asset wallets—cold and hot, are secure and safe. Besides, affected users will be compensated thanks to an insurance policy the exchange procured and bankrolled from a fraction of trading fees.
“Binance will use the #SAFU fund to cover this incident in full. No user funds will be affected.”
Roll Back is Not an Option
Even so, Changpeng Zhao and the Binance team is exploring ways of reversing this illegal transfer. Although there first instinct was to trigger a roll back, the decentralized nature of blockchain and other requirements as asking pools to funnel 75 percent of the total network’s hash rate has been binned as the cons outweighs the pros.
Aside from the hash rate demands, Changpeng Zhao noted that a re-org would damage the credibility of Bitcoin as a trustless network, may cause a split in the network—which could be more expensive that what the community is trying to recoup. A major takeaway now is that these hackers revealed “weak points” making the hack “a very expensive lesson.”
The breach is just but the many that have taken place in the past few months. After hackers made away with more than $15 million from Cryptopia, Cotten passed away without revealing the private keys of Quadriga CX’s cold wallet leading to a $190 million dent. The unexpected flaw in Binance bring to light the fallibilities of custodial exchange wallet and the need of a complete digital asset control in line with blockchain principles.