Binance has discovered a large scale security breach resulting in the loss of 7000 bitcoins.
// STAY UP TO DATE – FOLLOW BLOCKCHAIN DAILY ON TWITTER: @BLCKCHAINDAILY
Deposits and withdrawals will remain suspended for approximately one week.
Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info.
The hackers used a variety of techniques, including phishing, viruses and other attacks. Binance is still concluding all possible methods used.
There may also be additional affected accounts that have not been identified yet.
The hackers were able to withdraw 7000 BTC in this one transaction: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea
“The above transaction is the only affected transaction,” stated in Binance in an official blog post.
“It impacted our BTC hot wallet only (which contained about 2% of our total BTC holdings). All of our other wallets are secure and unharmed. The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”
Binance will use the #SAFU fund to cover this incident in full. No user funds will be affected.
“We must conduct a thorough security review,” the company stated.
“The security review will include all parts of our systems and data, which is large. We estimate this will take about ONE WEEK. We will post updates frequently as we progress.”
Binance will continue to enable trading, so that you may adjust your positions if you wish.
“Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime,” stated Binance.
“We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.”
In this difficult time, we strive to maintain transparency and would be appreciative of your support.