Know-Your-Customer. An infamous solution of user verification, a standard in the world of cryptocurrency exchanges. We’re usually not eager to provide our personal data to third-parties. However, in the case of the most prominent players of the crypto world, we are assured about the highest level of security. In theory.

In practice, after the major leak of Binance users data which happened last week, we can’t be so sure about our safety and privacy in the crypto industry. Moreover, the overall context of this situation is even more disturbing and strange than stolen data. Maybe, because Binance claims there was no leak at all? But first things first.

Hacker hacks hackers

The world heard about Binance troubles on August 7th, but the whole affair goes much deeper – at least according to CoinDesk, the primary source of information concerning the leak. Approximately a month before, an anonymous person, who is hiding under a nickname “Bnatov Platon”, contacted with Binance and informed about the stolen data.

According to Platon, he hasn’t acquired users data directly from Binance. The case reaches much further – to the infamous hackers attack on Binance’s servers in May. Platon claims he managed to hack that group, in order to reveal their identity to the public. However, when he, additionally, got access to the photos of 10,000 of Binance users, he decided to do something more.

That’s where this case is getting more complicated. Back in the time of “Bitcoin heist” Binance informed that hackers might acquire customers APIs, two-factor codes, and “potentially other information.” If Platon statement is true, this “other information” might be indeed the leaked photos.

The negotiations were (not) short

As we said before, our freelancer hacker decided to contact with Binance to consult the further actions. We have two different points of view on that arrangement. From the cryptocurrency exchange perspective, the individual hacker was trying to extort 300 BTC for not revealing the customers data to the public. Changpeng Zhao, the Binance CEO and the face of the company, described those actions as fear, uncertainty, and doubt strategy (FUD) and tried to discredit the hacker.

But Platon presents a far more complicated overview of the situation. At the moment of writing of this article, he is still active on his Twitter account, providing more and more pieces of information. On 12.08.2019, he posted some screenshots of his conversation with Binance security.

According to them, he offers cooperation in tracking money stolen in May and the hacker who stands behind it. Later, he claimed to possess information about an insider in Binance, who helped in bitcoins heist. Finally, he admitted he had private data of Binance users, too.

In the course of negotiations, he asked for 300 BTC both to help catch the people responsible for stealing the money and not to reveal customers data to the public. He insisted on receiving those funds in small parts, in exchange for every piece of information passed. But Binance didn’t want to agree to such conditions.

Real photos? Not for Binance

Nevertheless, the negotiations didn’t bring any solution, and Platon started to post some of the acquired photos on some groups on the Telegram, created especially for this purpose. Although they have been gradually deleted by the service admins, the leaked content managed to spread across the Internet. But according to Binance, the authenticity of the pictures is questionable. As they said in an official statement:

“At the present time, no evidence has been supplied that indicates any KYC images have been obtained from Binance, as these images do not contain the digital watermark imprinted by our system. With that said, our security team is hard at work pursuing all possible leads in an attempt to identify the source of these images.”

However, despite the lack of watermark, the leaked photos contain sheets of paper with handwritten “Binance” on it. If we confront that fact with the aforementioned statement, we can find two possible explanations. First assumes that images actually don’t come from Binance. However, who else would take a picture with their own ID on it and the name of the exchange, other than trader passing a verification process?

Moreover, according to John Biggs, leaked pictures refer to real people. He claims that CoinDesk attempts to contact some of them with data visible on photos, like email addresses. And they actually appeared to be Binance users.

That leads us to the second conclusion. Despite the lack of watermark, all photos come from Binance servers. The lack of a standard signature was, however, a sufficient argument for a cryptocurrency exchange to deny any connections between them.

Key to the money

But how this case relates to the stolen money? All pictures might be acquired by Platon directly from Binance as well, not from hackers. The complete reference to recent hackers would be, in this case, just a convincing backstory.

Here again, we rely on CoinDesk. As we may read in Biggs’s article, the hacker send them not only some stolen pictures but also pieces of data associated with them. Those codes, according to Viktor Shpak, of the blockchain development firm VisibleMagic, appear to be used in the process of stealing API keys from Binance users.

Moreover, Shpak suggests that the whole procedure was most likely initiated by an insider, who helped in getting access to users API. Those keys would later allow performing all possible activities related to the associated account – including transferring stored coins.

White knight, evil corporation and crypto spotlight?

The case is still ongoing. Platon keeps posting new photos, and it seems he isn’t going to stop. Binance set a prize for any information about the anonymous hacker. And we have more questions than actual answers. All three figures of this unexpected crypto drama seem to have taken some specific attitudes.

Our mysterious individual tries to describe himself as a white hacker, who altruistically try to disclose the actions of bitcoins thefts. But when he realized about Binance indifference, he also swears to fight with the vicious corporation. At least that how he presents the situation through his Twitter account

Binance seems to be immovable about hacker’s actions. Changpeng Zhao briefly comments the whole case as FUD attack on the exchange. Later, in an official statement, the company denies any connections between them and leaked photos. Binance set up the reward for help in tracking a rogue hacker – up to 25 BTC. No comments about the insider in their ranks, vulnerability of the security system, or the apparent authenticity of leaked photos.

But probably the most essential character in the whole case is CoinDesk. All information about the leak was provided to public opinion by this crypto oriented news site. John Biggs described the incident in a long article, which he additionally commented on a video. According to him, CoinDesk helped Platon to contact with the exchange.

“Crypto were supposed to replace banks. Now crypto exchanges are becoming banks”

The CoinDesk site begs the question of how far the press can change the perception of the situation. Has the help given to Platon broken the journalistic objectivity? On the other hand, when it comes to a massive leak of users ID, it’s hard to judge CoinDesk of actively participating in this case.

Especially when Binance’s approach is far more questionable. This leak is another threat to the company’s reputation, after the bitcoin theft a few months ago. Moreover, they simply ignore the possible connection between the two cases and the insider who might have helped thieves.



Why Binance’s security problems are alarming? One of the major ideas behind the cryptocurrency concept is its security. We’re choosing crypto because we believe it’s an alternative for centralized fiat currencies. Bitcoin rose on the belief in the truly safe, private, and independent money. But when the whole industry was built around it, those ideals were lost somewhere.

In the light of such leaks, companies like Binance seem to be nothing more than other companies that put their own good ahead of their customers. From the perspective of the ordinary trader, such a situation is a bad sign for the crypto industry. John Biggs words are probably the best commentary for it:

“The implication for people using Binance is that we are in the situation when Binance is not to be trusted with your KYC information until they basically clear up the processes. That does make things more secure is what banks have already figured out, that spending money on security and security protocols can really lock down the system. But the process, all that lockdown also adds layers of messy control over the system that’s supposed to be streamlined and simple. Crypto were supposed to replace banks. Now crypto exchanges are becoming banks”

And what about the hacker? Is he indeed a hero, who tries to fight for the truth on his own? But it doesn’t justify revealing someone’s private information. Or maybe he is just looking for the money? If so, why he just doesn’t sell the stolen data on some marketplace in darknet? One thing is sure: Bnatov Platon is still active, and we don’t know what his next step will be.

So, what do you think about that? You can let us know your opinion on our new Facebook’s group.

Remember, you can submit there any topic you want. We are open for discussions about blockchain and cryptocurrency world. In our group, you will meet other crypto enthusiasts like you!

You will find all of us there. Join the group and become a member of the BlockChain24 community!

You should also follow our social media to be up-to-date:

Facebook: https://www.facebook.com/blockchain24.co/

FB group: https://www.facebook.com/groups/558806504523325/

Twitter: https://twitter.com/Blockchain24Co

LinkedIn: https://www.linkedin.com/company/blockchain24-co/

e-mail box: [email protected]



