Binance, one of the largest cryptocurrency exchanges in the world, has announced a “large scale security breach”. According to a post on the company’s website, Binance CEO Changpeng Zhao said that hackers were able to obtain a large number of user API keys, 2FA codes, and there’s a possibility they obtained other information too.
The hackers stole 7000 bitcoin using a variety of techniques, including phishing, viruses and other attacks. The company traced the cryptocurrency theft to one wallet. Zhao Changpeng said the bitcoins stolen from the hot wallet accounted for only 2% of the exchange’s total Bitcoin holdings and assured users that Binance’s other wallets are unharmed. Binance will use its Secure Asset Fund for Users (SAFU) to cover the loss.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” said Zhao in the statement. “The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that”.
All Deposits And Withdrawals Suspended For Now
The company said that it will conduct a thorough security review which will include all parts of their systems and data. They estimate this will take approximately one week and they will keep users informed with regular updates as they progress.
Binance will suspend all deposits and withdrawals during this period and they ask users for understanding in this “difficult situation” and that they are striving to maintain transparency
Hackers Could Still Influence Prices
“We will continue to enable trading, so that you may adjust your positions if you wish,” said Zhao. “Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime. We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets”.
Zhao will continue with the scheduled Twitter AMA later today to field questions from the community.