Hackers stole $41 million in Bitcoin from Hong Kong cryptocurrency exchange Binance overnight; the currency was taken in one transaction by emptying the firm’s ‘hot wallet’ through a variety of standard hacking techniques.
Binance says it will make the customer’s accounts whole through funds from a reserve account.
We have discovered a large scale security breach today, May 7, 2019 at 17:15:24 (UTC). Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet, reported Binance on its blog.
The hackers were able to withdraw 7000 BTC in…one transaction.
The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.
The most interesting consequence of this theft was Binance CEO’s comment that the firm would tray to ‘roll back’ the transaction by undoing the blockchain.
Ari Paul responded by arguing that a reorg of the blockchain could be possible if bitcoin miners were properly incentivized to make it happen, reported Zero Hedge.
Most cryptocurrency users were not aware this was possible and will add further risk to buying crypto assets. Most cryptocurrencies were down overnight on the news.