Crypto Exchange Binance Loses $40M USD In Hot Wallet Breachbr>
Binance, one of the world’s largest cryptocurrency exchanges, has suffered a large scale security breach in which it lost 7000 BTC ($40M USD).
On Tuesday, Binance said that hackers used a variety of attack methods, including phishing, viruses and other attacks, to carry out the large scale security breach. The hackers also managed to obtain a large number of user API keys, 2FA codes, and potentially other info.
Acording to Binance, the hackers were able to withdraw 7000 BTC in one transaction, which only impacted the exchange’s BTC hot wallet, containing about 2% of their total BTC holdings. The rest of its BTC holdings are on cold wallets and have been unharmed by the hack.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” Binance said. “The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”
Binance said that it will use the Secure Asset Fund for Users (SAFU Fund) to cover the incident in full and assured its users that their funds will not be affected by the hack.
“We must conduct a thorough security review. The security review will include all parts of our systems and data, which is large,” the exchange said. “We estimate this will take about one week. We will post updates frequently as we progress. Most importantly, deposits and withdrawals will need to remain suspended during this period of time. We beg for your understanding in this difficult situation.”
Following the hack, Binance CEO Changpeng Zhao hosted an Ask-Me-Anything live session and stated that the hack was a very advanced effort executed by “very patient” hackers who waited until they had a number of high net worth accounts. The CEO encouraged users to change their API keys and two-factor authentication.