Binance, one of the world’s largest cryptocurrency exchanges, has been hit with “a large scale security breach” in which hackers stole over $40 million worth of bitcoin, the company said in a statement.
The hackers reportedly absconded with 7,000 units of bitcoin, along with user information such as API keys, two-factor codes, and “potentially other info.”
The exchanged managed to trace the hack to a single wallet – the so-called “hot wallet” connected to the internet – which holds 2% of the company’s bitcoin holdings. The hackers apparently used a variety of methods, including phishing and viruses.
The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.
Binance also suspended deposits but will allow trading to continue, with a warning that “hackers may still control certain user accounts and may use those to influence prices in the meantime.”
The company plans to hold a thorough security review of all its systems and data and stated that will post frequent updates as it goes along. It will be using it’s secure asset fund for users (SAFU) to cover the losses, making sure that no user funds will be affected.
Photo: iStock