Written by: Alex Popa
Binance, the single most important cryptocurrency exchange in the world, was attacked by hackers on the 7th of May this year. The total losses amounted to 7,000 BTC worth $41 million. And this was the result of a single transaction.
Last Wednesday, the Binance chief executive officer Zhao Changpeng told the public that they’ve uncovered multiple intrusive methods that the hackers used to infiltrate their systems and commit the robbery.
He said that “the hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.”
During the process, the hackers managed to obtain several user API keys, 2FA codes, and quite possibly other private information about individual Binance users that could prove detrimental to their continued use of the platform.
Such a large theft is quite worrisome considering that Binance is perceived to be the most important cryptocurrency exchange in the world. Logically speaking, they should have top-notch security and encryption protocols in place that should prevent such things from happening.
Of course, the fact that the hackers managed to trick users into giving up their API keys and 2FA codes through phishing attacks is not something that depends on Binance, but the exchange has yet to reveal what other attacks the hackers used.
Binance’s hot wallet contained 2% of the exchange’s total holdings, and that is what the hackers chose to infiltrate. Fortunately, this hot wallet didn’t contain the whole bitcoin reserves of the company. Otherwise, this mess would have taken on epic proportions.
Most cryptocurrency exchanges use such hot wallets to manage customer transactions, and Binance does the same. The downside to all this is that the hot wallets are connected to the internet, hence the massive vulnerability that the hackers used to circumvent the security and encryption protocols.
This is why they’re named “hot”, after all. The weakness is known to be there. Yet, no one is doing anything to replace them because of the efficiency and practicality of the hot wallets.
Binance revealed in a post that the hackers managed to steal important user information, including two-factor authentication codes. Other information might have also been stolen that facilitated their intrusion into the accounts themselves.
The cold wallets, on the other hand, were untouched. The hackers did not manage to access them, and they probably knew they couldn’t, since they went directly for the hot wallets.
Most of a cryptocurrency exchange’s total holdings are stored on the cold wallets because of one simple reason – they cannot be hacked. Ever. This is because they aren’t connected to the internet, and there is no way to access them other than physically operating them from inside the company.
Binance revealed on Wednesday that the hackers made the transaction in such a way that it completely eluded their security checks and encryption protocols. However, after the transaction was done, alarms started flaring up, and the countermeasures went into action instantly.
“It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our systems. We stopped all withdrawals immediately after that”, said Binance.
What’s more, they made guarantees on the losses of all users. They would cover the incident in full, with not a penny missing. During this period, Binance has stopped all transactions, and they are still investigating the event. Trading is still active, although withdrawals and deposits aren’t available for now.
They also warned people that the hackers “may still control certain user accounts and may use those to influence prices.” Keep in mind that, during the last week, Bitcoin has had a booming growth of over 9%. This might very well be thanks to the hackers’ influence on the accounts of some users.
The breach took place on the 7th of May, 2019, at 17:15:24 (UTC).
One of the most important things you could do is secure your money with multiple security protocols: two-factor authentication, secret questions, physical codes that aren’t stored on the internet, etc.
However, looking at the details of this particular attack, it is essential that you don’t fall into the trap of phishing attacks. Don’t open any unknown links sent to your email, and don’t just wander around suspicious websites without taking some protection measures in advance.
Use a VPN if you need to further increase your protection or if you know you’ll be conducting BTC transactions on the fly. Wi-Fi networks are notorious for being hubs for hackers, meeting places for the most dangerous cyber-attackers out there.
Secure your device as well, just so no one can gain unauthorized access to it. As we said, you can try using a Virtual Private Network like NordVPN to increase your overall protection against cyber-attacks.
In any case, Binance’s breach tells us one thing – BTC is not only volatile but also prone to being stolen by hackers. Take precautionary measures and secure your cryptocurrencies better, and be warier of what you do on the internet. Don’t give a helping hand to cyber-terrorists by succumbing to phishing attacks.
What happens next remains to be seen, but looking at how this attack unfolded, we’ll assume that this isn’t going to stop here. Unless cryptocurrency exchanges enhance their security protocols and manage to replace or secure their hot wallets, there’s nothing to stop another such event from taking place.
User wariness is also one of the key aspects in this case. Some of the losses could have been prevented if users had been more careful, but this is going to jolt the world into action. The revelation is harsh, indeed, but let’s hope that the $41 million cryptocurrency theft is the biggest one we’ll see.