Binance, one of the world’s leading cryptocurrency exchanges has been hacked. Approximately $42 million in bitcoin is confirmed to have been stolen.
Earlier today, CEO Changpeng “CZ” Zhao alerted customers via Twitter that the exchange had to undergo “unexpected server maintenance” that would temporarily impact deposits and withdrawals.
Have to perform some unscheduled server maintenance that will impact deposits and withdrawals for a couple hours. No need to FUD. Funds are #safu.
— CZ 🔶 BNB (@cz_binance) May 7, 2019
Zhao assured customers that their funds were ‘#safu’ (safe) and that there was nothing to worry about.
It was later revealed that at 5:15 pm local time, the exchange suffered a “large scale security breach”.
According to the most recent update posted on Binance’s blog, the hackers launched an attack against the exchange that enabled them to withdraw 7000 BTC from Binance’s hot wallet in a single transaction.
In addition to the bitcoin theft, they were also able to obtain a large amount of user data, including API keys, 2FA codes, and other information.
Not the best of days, but we will stay transparent. Thank you for your support!https://t.co/Y1CQOatEpi
— CZ 🔶 BNB (@cz_binance) May 7, 2019
Multi-pronged attack
A preliminary investigation has uncovered a methodical, multi-pronged attack that employed phishing, viruses, and other vectors of attack.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” the exchange explained.
Once the transaction was executed, alarms were triggered and all other withdrawals were subsequently stopped.
No user funds affected
Binance has been quick to reassure customers that the theft was limited to a single transaction and only its bitcoin hot wallet was impacted:
“The above transaction is the only affected transaction. It impacted our BTC hot wallet only (which contained about 2% of our total BTC holdings). All of our other wallets are secure and unharmed.”
Furthermore, it has stressed that any user losses stemming from the hack will be reimbursed:
“Binance will use the #SAFU fund to cover this incident in full. No user funds will be affected.”
Community response
In the wake of the hack, many in the crypto community are praising Binance’s transparent response and intent to cover losses.
Yes Binance got hacked, BUT:
1. Really appreciate the level of transparency how Binance communicated the hack to its users.
2. 100% of hacked funds are covered by Binance #SAFU fund.All in all, great job @cz_binance @binance . Still the best exchange around.$BTC $ETH $BNB
— 0xMoses (@0xMoses8) May 8, 2019
While the crypto market has yet to feel the impact from this latest blow, some members of the crypto community are already predicting consequences of another sort entirely.
2 percent is a lot when your the worlds largest crypto exchange. No way to spin this as good. Will certainly bring more scrutiny from regulators. https://t.co/uqFH3tStCp
— Mike Novogratz (@novogratz) May 7, 2019
At press time, the Bitcoin market appears to be largely unaffected, trading at an average of $5842 – a slight gain over the past 24 hours.