The article was updated on 05 December, 2019 by Amicus.
08 May, 2019 | AtoZ Markets - The company's CEO Changpeng Zhao, in his letter to the crypto community, addressed the Binance hack. According to Zhao, network security damage was discovered on 07 May. Also, the hackers were able to obtain API keys, two-factor authentication codes, and "potentially other info" of the Binance users.
How Did the Binance Hack Happen?
As per the Binance CEO, the hackers used various techniques, including "phishing, viruses and other attacks."
Zhao also noted in his letter that the hackers "had the patience to wait, and execute well-prepared actions through multiple seemingly independent accounts at the most opportune time."
He explained that as the hackers were patient, they managed to pass Binance existing security checks and get away with 40 mln USD. Zhao expressed his frustration that the company was "not able to block this withdrawal before it was executed."
The crypto exchange official outlined that an investigation is in process, and there might be more impacted accounts.
Notably, the security breach impacted only Binance's hot wallet. That contains roughly 2 percent of the exchange's total bitcoin holdings, as the Binance statement says. Zhao added that "other wallets are secure and unharmed."
What Happens Next? Binance's Safety Funds Will Cover the Damage
The Binance CEO, during his recent "ask-me-anything" live stream on Twitter, noted that the company does not need donations or funds to cover the hack.
He mentioned that they had received offers from many exchanges, including Coinbase. CZ encouraged the crypto community members who wish to support the company, to donate to Binance Charity.
"In this difficult time, we strive to maintain transparency and would be appreciative of your support," Zhao concluded.
According to Binance's notice, it will use its Secure Asset Fund for Users (SAFU fund) to cover the loss. That won't impact users. However, the SAFU fund consisted of 10 percent of all trading fees absorbed by the exchange. And it initially launched to protect Binance's users "in extreme cases." It stores in its cold wallet.
The company's official statement says that "it will take about one week to recover fully. Also, it allows their developers to ensure the platform is secure."
How Can a New Binance Hack Be Prevented? Zhao Calls for Security Checks
The Binance hack announcement comes hours after Zhao tweeted that the exchange was undertaking "some unscheduled server maintenance," writing that "funds are #safu."
After the disclosure announcement, Zhao tweeted that the exchange would "provide a more detailed update shortly." While talking about funds stolen from the Binance, the company's CEO explained that withdrawal triggered internal alarms after it was executed. He also noted that the exchange froze withdrawals following the discovery.
The Binance officials stated that "deposits and withdrawals will remain suspended for the next week. Moreover, trading will re-enable. Also, he cautioned that as hackers may still control certain user accounts."
The company stressed that they would conduct "a thorough security review," including its systems and data during the next week.
Do you think that another Binance hack can occur in the future? Let us know in the comments section below.