Binance Security Breach Update - Hot Wallet HACKED - 7000 BTC - $40 million !!!!

in binance •  15 days ago 

binance.png

We have discovered a large scale security breach today, May 7, 2019 at 17:15:24. Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.

The hackers were able to withdraw 7000 BTC in this one transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea

The above transaction is the only affected transaction. It impacted our BTC hot wallet only (which contained about 2% of our total BTC holdings). All of our other wallets are secure and unharmed.

The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.

**Binance will use the #SAFU fund to cover this incident in full. No user funds will be affected.
**
We must conduct a thorough security review. The security review will include all parts of our systems and data, which is large. We estimate this will take about ONE WEEK. We will post updates frequently as we progress.

Most importantly, deposits and withdrawals will need to REMAIN SUSPENDED during this period of time. We beg for your understanding in this difficult situation.

We will continue to enable trading, so that you may adjust your positions if you wish. Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime. We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.

In this difficult time, we strive to maintain transparency and would be appreciative of your support.

PS, I (CZ) will continue the previously scheduled Twitter AMA in a couple of hours.

  • CZ

source: https://binance.zendesk.com/hc/en-us/articles/360028031711

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Funds are safu
Confirmed live now from Cz himself on binance Twitter AMA

Security Update: API Key Reset

Fellow Binancians,

Due to irregular trading on some APIs, Binance will restrict all currently existing API keys to have trading functionality only. These keys will then be removed in full at 2019/05/08 1:30 PM (UTC).

API users can choose to recreate their API keys now to receive full functionality of API usage going forward. These newly created API keys will not be removed at 1:30 PM (UTC).

We apologize for any inconvenience caused, and thank you for your patience.

Thanks for your support!

Binance Team

2019/05/08

https://binance.zendesk.com/hc/en-us/articles/360027851252-Security-Update-API-Key-Reset

That's why noone should have any of his cryptoat any exchange.
Even Binance got hacked.
Ευχαριστώ για το support στα βιντεο μου και στο προφίλ @steemskate.
Να σαι καλα φιλε μου.

Posted using Partiko Android

·

Να σαι καλά αδελφέ.

To listen to the audio version of this article click on the play image.

Brought to you by @tts. If you find it useful please consider upvoting this reply.

Fuck, how site that big can be hacked

Posted using Partiko Android

It would be instructive to learn the full details of how this happened, after the vulnerability has been blocked.

Right now it seems unusual that the largest exchange did not have a security scanning system to block bc1 type bitcoin addresses that was already known in the industry to be associated with a lot of threats.

And also an explanation of how they overcame the 100BTC limit on withdrawal per account, which is in place for verified accounts.

More on these here:
https://steemit.com/blockchain/@kenraphael/could-binance-have-lost-more-than-the-reported-7-000-btc-and-what-more-exchanges-can-do-to-enhance-security

In my eyes it's more than suspicious that Justin Sun instantly wants to offer 7000 BTC. I don't know but something is wrong by that 😄

Posted using Partiko Android

Hackers should really be punished severely if they are catches. This really has to stopped. What a huge figure that has been stolen

that's terrible news

Καλημέρα, πραγματικά κάποιες φορές δεν καταλαβαίνω πώς μπορούν και τα χακάρουν τόσο μεγάλα ανταλλακτήρια?