For once, funds are not SAFU! Leading cryptocurrency exchange Binance suffered an unprecedented loss after hackers managed to breach their security systems and steal 7000 BTC valued at around $41 million.
According to the exchange, hackers gained access to a large number of user API keys, 2FA codes, and other sensitive information which enabled them to propagate this attack. They used a variety of techniques such as phishing, viruses and other sophisticated forms of attacks.
In its update, Binance said that they have not identified all the affected accounts. However, the platform also clarified that the hack only affected their hot wallets, which contained 2% of their Bitcoin holdings.
The revelation came within hours of Binance CEO Changpeng Zhao’s tweet that the exchange is performing an unscheduled server maintenance that will impact deposits and withdrawals. However, he also said that funds are ‘SAFU’!
The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.Statement from Binance Exchange
Binance will cover the loss from its Secure Asset Fund for Users (SAFU). The exchange started allocating 10% of all trading fees towards this fund last year onwards to protect user funds in extreme cases.
More importantly, crypto deposits and withdrawals will remain suspended for atleast one week, till Binance conducts a thorough security review. However, trading will continue as usual.
Binance Remains Transparent
CZ has been trying his best to be transparent about the whole situation. He explained the situation in a series of tweets.
Bitcoin Rollback Considered, but Binance not going ahead with it
CZ hosted an AMA session to address some of the user concerns following the hack. He also addressed a point around the possibility of a rollback of the Bitcoin network transactions, a controversial move which would require the go-ahead of major miners to cover more than 51% of the network’s hashing power.
According to CoinDesk, CZ said:
To be honest, we can actually do this probably within the next a few days. But there’re concerns that if we do a rollback on the bitcoin network at that scale, it may have some negative consequences, in terms of destroying the credibility for bitcoin.
However, he also added that there are ethical and reputational considerations for the Bitcoin network with this move. Following his discussions with some other industry veterans, CZ decided not to go ahead with it:
Expectedly, the market did not react favourably to the announcement. Bitcoin price dropped by $159 to a low of $5795. At the time of writing, it had made some recovery and was trading at $5899 on the international markets. BNB also suffered losses in the range of 5% over the last 24 hours and was trading at $21.10.
Crypto Dost spoke to Usman Ahmad, CIO of Hon Kong-based BC Group, about the Binance hack:
Even the biggest names in the industry can face challenges due to malicious actors. Dealing with issues in a transparent manner is critical and ensuring that customers have peace of mind and that they are protected helps to maintain credibility. In addition to the highest degree of physical and cybersecurity, we believe that some form of insured custody is the most efficient way to accomplish this, helping investors and traders to manage all facets of risk, including fraudulent activity.
This hack is a stark reminder that no exchange is completely safe from hackers. Having a diversified security strategy, with maximum assets under your own control is the best way to stay protected in the current market.