Binance, the world’s largest cryptocurrency exchange by trading volume was hacked on May 7. According to the official blog post from the exchange suggest that the exchange discovered a large scale security breach where hackers stole more than 7,000 bitcoin.
The official blog post from Binance reveals that the attackers were able to get a huge number of customer Application Programming Interface API keys, 2FA codes, and potentially other important information. The hackers implemented different techniques which include phishing, viruses and other hacking methods. The exchange is still assessing all the possible methods used by the hackers. Binance also highlights that they have not identified additional affected accounts yet.
The exchange disclosed about the hack hours after the CEO of Binance, changpeng zhao tweeted that the exchange was about to undergo “some unscheduled server maintenance,” adding that “funds are #safu.” After the disclosure announcement, CZ shared on his official twitter handle that the exchange would “provide a more detailed update shortly.”
Further, the exchange added in their official disclosure that the breach only impacted Binance’s hot wallet, which contains approximately 2 percent of the exchange’s overall Bitcoin [BTC] holdings.
The blog post states, “All of our other wallets are secure and unharmed.”
The exchange has assured that they will use the #SAFU fund to cover this incident completely and no Binance customer funds will be affected. The exchange found the fund in July 2018 as a kind of emergency insurance. According to the reports the exchange allots 10% of its total trading fees to finance emergency fund SAFU.
According to CZ, the Binance team will conduct thorough security review including all sections of the systems and data. It will take approximately one week, during which the exchange will update the progress. During the period the deposits and withdrawals will need to remain suspended.
The blog post suggests that the exchange will continue to enable trading, so that the customers may adjust the positions according to their wish. They warn customers that the attackers may still control certain customer accounts and utilize those to influence prices. Binance has ensured there isn’t much incentive for the hackers to influence the markets as the withdrawals are disabled and they will closely invigilate the situation.