In a major security breach, hackers stole over $40 million worth of Bitcoin from the popular cryptocurrency exchange Binance. The Taiwanese company stated it discovered the breach on May 7, 2019, at 17:15:24 (UTC), in which hackers illegally obtained over 7,000 Bitcoins by using a variety of attack methods, including phishing, viruses, and other attacks.
According to Binance, hackers also accessed several user API keys, 2FA codes, and other information. Following the hack, the exchange suspended all the operations temporarily and assured that it will refund the affected customers in full.
“The hackers had the patience to wait and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” Binance said in a statement.
“The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” Binance added.
There have been multiple breaches reported by cryptocurrency exchanges in recent times. In February 2019, crypto brokerage platform Coinmama notified users that it suffered a security breach which affected around 450,000 users’ emails and hashed passwords. The company stated that a few unknown intruders compromised customer data and kept for sale on a dark web registry.
Coinmama provides a cryptocurrency exchange platform for trading digital currency globally. The security professionals at Coinmama revealed the compromised data belonged to the users who registered until August 05, 2017. Coinmama also explained the security issue affected 30 companies and a total of 841 million user records.
Similarly, Cryptopia lost nearly 19,390 ETH tokens in a cyber-attack. According to reports, the hackers have been sending their loot to popular crypto exchanges with Bitbox, Binance, and Huobi seeing the most withdrawal volumes. It is estimated that out of the $16 million stolen by hackers nearly $900,000 have been withdrawn.
Cryptopia stated that the security breach resulted in a significant amount of losses to the firm. The company stayed tight-lipped about the amount of “significant losses” until cybersecurity firm Hacken discovered that there was an unauthorized transfer of ETH tokens.