Binance Hack: Thieves Lose Their Own Money
Binance, one of the most widely-used digital asset exchanges, was recently the target of a coordinated hacking attack that used phishing techniques to obtain user information. Remarkably, the heist was thwarted by the exchange’s risk-management system and the hackers ended up losing their own money while customer accounts remain safe.
The company’s CEO stated the following in a tweet released Wednesday:
Binance has reversed all irregular trades. All deposit, trading, and withdrawal are resumed. Will write a more detailed account of what happened shortly. Interestingly, the hackers lost coins during this attempt. We will donate this to Binance Charity.”
What Happened Here?
First, the attackers obtained user credentials from Binance users through fake sites designed to mimic the real Binance website. The information was used to create API keys and build a software that could interact with the exchange.
Next, the hackers used the API keys to access customer accounts and place huge buy orders on a thinly traded asset called Viacoin – the price more than doubled within thirty minutes. The hackers held a large amount of Viacoin in their own accounts and planned to quickly sell their Viacoin at the inflated price and cash out. However, Binance’s risk management system recognized unusual activity and froze the accounts before the thieves could withdraw any funds.
Cryptocurrency hacking has been a hot-button issue lately, especially following the high-profile Coincheck hack last month and the increasing regulatory momentum in Japan. However, despite all the bad news, the Binance situation is an example of how proper risk mitigation techniques can protect cryptocurrency investors from negative outcomes.
Image From Shutterstock