How Binance Showed Us the Right Way to Deal With a Hacked Exchange

But with great power comes great responsibility. The exchanges’ size and wealth have long made it a target for cybercriminals and hackers, looking to make history and a chunk of money by ripping off this behemoth and making for the hills. Crypto exchange hacks are nothing new. The infamous Mt. Gox hack of 2014, where 740,000 Bitcoins were stolen, is maybe the biggest example, but it’s far from the only one. Exchanges are a goldmine for hackers; home to vast riches and often still working through their security measures. So it was really only a matter of time before the hackers turned their spotlight onto Binance. And in March 2018, they made their move.

The API Hack

The first warning signs of the hack came when users reported that their coins were being sold, while at the same time they were buying Viacoin against their will. To find out what was going on, we have to go back over two weeks. On February 22, hackers carried out a series of phishing attacks on Binance users. Using a domain that looked almost identical to binance.com, the hackers were able to gain control of the accounts of numerous unsuspecting users. Once done, they created a trading API key for each one. On the day of the hack, the criminals used these accounts to place a large number of market buys on the VIA/BTC market. This caused the price of Viacoin to explode, increasing by 10,000%. Meanwhile, 31 pre-deposited accounts were selling Viacoin — and making a lot of money in the form of Bitcoin. The unfortunate users’ coins flowed into the hackers’ accounts, where they quickly attempted to withdraw them. But this is where Binance’s security systems kicked in, recognizing the suspicious activity and blocking the withdrawals. Then they froze the accounts that had been selling Viacoin, preventing the hackers from touching their coins, even the ones they’d purchased through legit means. The crisis averted, and the exchange was able to reassure their users that no funds had been lost and there was nothing to worry about. But they now found themselves at the center of a perfect storm of negative attention. One of the biggest crypto exchanges in the world had been hacked, and the entire industry was watching. After assuring their users and the public that the threat had been dealt with and no real damage had been done, It then capitalized on their newfound spotlight in some ingenious ways. The first smart thing the exchange did was to donate the funds from the hackers’ frozen accounts to charity. Binance runs their own charity called the Blockchain Charity Foundation (BCF) which aims to use blockchain to improve the way we run charities and donate money in a transparent and secure way. By giving the hackers’ funds to a good cause, it was able to turn a negative situation into something positive and show the world their commitment to charity at the same time. It didn’t stop there, either. In the days following the hack, it offered a $250,000 bounty to anyone who could provide information leading to the arrest of the hackers. They also set aside a fund of $10 million for future bounties. This announcement came alongside an acknowledgment from the exchange that they would need to proactively anticipate and prevent hacks before they even happen, and follow through diligently afterward. Here, Binance gave us a good example of an exchange responding well to an attack, by acting quickly to deal with the threat and then using the buzz of the aftermath to promote a good cause and demonstrate their commitment to catching the perpetrators. But the next attack would test them even more.

The Next Challenge

On May 7, 2019, the exchange suffered another hack. This one was much more devastating, resulting in the theft of $40 million in Bitcoin. The hackers were patient and sophisticated, according to the CEO, Changpeng Zhao (CZ):

“The hackers had the patience to wait and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time.”

So, a big setback. But once again, CZ and his team acted quickly and decisively, proving their worth as a responsible and trustworthy exchange. They used their Secure Asset Fund for Users to cover the costs, ensuring no users lost any Bitcoin. In a later announcement, Binance revealed that they had made significant overhauls with a focus on security and resumed deposits and withdrawals just a week after the hack. While not ideal, both of these hacks were ultimately examples of ‘happy endings’ in the often disheartening world of crypto exchange crime. We’ve seen far too many big disasters, where users lost massive amounts of their valuable coins and exchanges were utterly destroyed. In the future, in a time when exchange hacks are becoming more common, users should look to companies like Binance as an example of how to deal with them properly.

---

Editor’s Note: This is a guest submission and was not written by BeInCrypto’s staff. We have chosen to publish this guest submission because we believe it may be of value to our readers.