Earlier on the 7th of March, Binance website has been hacked, with users reporting their altcoins being converted to Bitcoins. Here, we discuss the Binance hack aftermath – what exactly happened?
8 March, AtoZForex – The biggest cryptocurrency exchange by trading volume, Binance, has experienced a hack attack on March 7th. A number of worried users have taken the issue to the forums.
Binance Hack – How it Happened?
Users have been complaining about the fact that their altcoins have been converted into Bitcoin without their consent. Besides, many of them did not even log in to their accounts and still experienced the same issue.
One of the users’ statements reads:
“Same happened to me. I had 100% USDT worth $1548. Today I logged in so I can buy some xrp, but my account balance is $200 out of $1548, and apparently I bought 5 VIA coins and exchanged my USDT to BTC while I was in the gym?”
As per some of the posts on Reddit, users’ Bitcoins were used to purchase VIA coins. Once attackers received Bitcoins, they managed to withdraw them in small amounts. Binance’s administration has frozen withdrawals in about an hour after getting the first complaints.
One of the users has suggested:
“The hacker accumulated VIA in advance (from Binance or other exchange and sent to Binance) then he set a huge sell order at 0.025BTC. Then using API made some account sell alts and buy VIA with that BTC, BTC.”
Binance Hack Aftermath: Trading is resumed
Some of the investors have stated that the attack might be connected with compromised API keys. Users have requested the keys from Binance in order to use them within applications.
This theory could also explain how the hackers have managed to skip the two-factor authentication system. Yet, it does not explain why users who did not request API keys got impacted by the attack, as well.
Later on, Binance has posted a Tweet stating that all the irregular trades have been reversed. Moreover, all the deposits, trading and withdrawals are now back in full function. According to the CEO of Binance, Changpeng Zhao, attackers used a phishing website to obtain the login data and then redirect users to the original Binance website.
Think we missed something? Let us know in the comments section below.