Tech & Science

Binance Hacked: Huge Cryptocurrency Exchange Loses $40 million as Mystery Cybercriminals Take 7,000 Bitcoin

One of the world’s top cryptocurrency trading platforms has confirmed that a hack resulted in the loss of 7,000 bitcoin this week, equivalent to more than $40 million.

Binance, founded in 2017 and led by Changpeng Zhao, said online that a “large scale security breach” had been found Tuesday at around 5:15 p.m. Initial analysis suggested hackers had plundered the currency from a bitcoin wallet belonging to the company in one vast transaction. 

In its statement overnight, the company said: “Hackers were able to obtain a large number of user API keys, 2FA codes and potentially other information. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time.”

It added: “The transaction is structured in a way that passed our existing security checks. We were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”

According to Binance, no user funds will be affected by the hack. It said losses from the heist will be covered by an emergency insurance fund called Secure Asset Fund for Users (SAFU).

Bitcoin In this photo illustration, a visual representation of the cryptocurrency bitcoin is displayed on April 3, in Paris. Chesnot/Getty Images

The theft was about 2 percent of the firm's total bitcoin holdings, officials said. 

Zhao said in a live video broadcast that users should reset two-factor authentication on their Binance accounts. He claimed the firm has the money to cover the stolen $40 million.

The CEO stated: “We do have the funds to cover that $40 million so we are completely OK on the funding side. It does hurt very much but we are able to cover that. We do not need funding help. We have been working with other exchanges to block deposits from hacked addresses.”

On Twitter, he added: “While it is a very expensive lesson for us, it is nevertheless a lesson. It was our responsibility to safeguard user funds. We should own up to it. We will learn and improve.” Binance said it will now conduct a security review of its systems, lasting one week.

“Deposits and withdrawals will need to remain suspended during this period of time. We beg for your understanding in this difficult situation,” the cryptocurrency company said.

“We will continue to enable trading, so that you may adjust your positions if you wish,” it continued. “Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime. We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.”

According to CoinMarketCap, a website that tracks cryptocurrency markets, pricing and values in real-time, Binance is currently the fifth-biggest exchange by trade volume. The current price of a single bitcoin is $5,815.

Cryptocurrency, including bitcoin, is traded online and does not operate within the traditional banking infrastructure. It is based on a digital ledger technology known as the blockchain. In recent years, a slew of crypto exchanges have been targeted by hackers and cybercriminals. More than $500 million was hijacked from Japanese exchange Coincheck early last year.

Editor's Pick