You are viewing a single comment's thread from:
RE: Binance Hack and SEC "Statement on Potentially Unlawful Online Platforms for Trading Digital Assets"
I think 2FA would have helped because they used a phishing attack to get into the account. If you think you're logging into a site but you don't get asked for 2FA, you know something isn't right. What definitely would have helped would be using a password manager browser plugin like 1Password which only fills passwords if the URL matches what is already saved.
Once they had access to the account, they used the APIs to control the heist later. People should also check their login history and verify the IPs make sense.
And yes, I'm a fan of CryptoBridge as well. My last post was about RavenCoin which is currently only trading on CryptoBridge.
Thanks for the SmartCash tip :)
Yeah you make great recommendations. I too am a big fan of 1Password. I don't know what I would do without it. You are correct about the 2FA and the phishing attack. They broke into the accounts then enabled the APIs. Very nasty. However, I heard that Binance was able to respond fast enough to keep them from withdrawing from the 31 accounts they created ahead of time that owned the VIA coin that they sold into BTC. Binance was able to replay the transaction and restore the money back to the people that got hacked. I haven't confirmed what I just wrote but I heard this from Crypt0.
You are welcome for the SmartCash. Enjoy