Yesterday, May 7th 2019, Zhao Changpeng, the CEO of the worlds largest cryptocurrency exchange, Binance, confirmed suspicions that they had experienced a significant hack. The hack was discovered on the 7th May and saw the attackers escape with 7,000 BTC worth a whopping $40m USD.

The stolen BTC was withdrawn from the Binance platform in one foul swoop which can be viewed on the blockchain.com Bitcoin block explorer here: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea.

According to the official report of the hack, the above transaction is the only transaction which was affected by the hack. The report also explains that the wallet affected was a hot wallet, which “only held 2%” of the BTC Binance controls. And that their other wallets are secure.

How Did it Happen?

According to the official report, the hackers used a well orchestrated system which utilised independent accounts at themoment.

The report also states that the transaction was executed in a way which “passed” the security checks used by Binance and that, once executed, the withdrawal transaction triggered “many alarms” in their system and caused Binance to stop withdrawals immediately as a result.

More specific details of how the attack occurred are not currently available but that is understandable – I would expect their engineers to patch the breach before releasing this information.

What Happens Now?

For now CZ has stated that the crypto exchange must conduct asecurity review which includesBinance’s. CZ estimates that this review will take roughly one week due to the size of Binance’s systems. He also states that he will post regular and accurate updates regarding the issue.

It should also be noted that, during this time, all withdrawals are being suspended on the Binance platform but trading is still enabled on the exchange, so you can continue as you normally would in that respect. This, while frustrating, should be accepted due to the reason behind the suspension.

Finally, Binance have stated that accounts which have been affected by the hack will be fully reimbursed to ensure that no customer of Binance is out of pocket as a result. The reimbursement will come out of the Binance secure asset fund for users.

Love, peace and happiness?