On the night of May 7, 2019, representatives of one of the largest cryptocurrency exchanges in the world, Binance, reported that the platform suffered from a large-scale and well-planned hacker attack. As a result, 7000 BTC were stolen from the exchange (about 41 million dollars at the exchange rate at the time of the attack), which the attackers withdrew in one transaction.
According to the official Binance report, hackers managed to get a large number of API keys, two-factor authentication codes and other user data. To do this, the attackers used a variety of different techniques, including phishing, malware infection and so on. The investigation of the incident is still ongoing. The exchange’s experts do not exclude that additional attack vectors can be identified.
According to the latest data, the incident affected only the hot BTC-wallet of the exchange, which contained ~ 2% of the total bitcoin. Other wallets did not affect the incident.
Hackers carefully planned their attack. They used many accounts that are not connected at first glance. In particular, the transaction, by which funds were withdrawn from the exchange, was prepared in such a way that the protective mechanisms did not respond to it. The anomaly was fixed only after the cryptocurrency was withdrawn.
Because of the attack, Binance temporarily suspend withdrawals and deposit of funds, and the site urgently stopped working to conduct an investigation. It is expected that the investigation will take one week, and all this time, users will not be able to use the deposit/withdrawal of funds, although the bidding will continue as usual. Representatives of Binance assured that the attack will not affect the users of the exchange and their assets. The resource promises to fully compensate for all the losses with the help of the Secure Asset Fund for Users fund (SAFU).