The Binance team says protecting the security of trading on their exchange has always been their highest priority and today they have some real-world proof. According to an update from the Cryptocurrency exchange, their automatic risk management system kicked in when nefarious characters attempted to sneak in steal crypto. Binance said: All funds are safe. No funds have been stolen.
Binance outlined that hackers accumulated account info over an extended period of time – dating back to early January. The multi-tiered assault saw the crooks create a sophisticated phishing attempt by creating a domain that replicated Binance. The only difference being 2 dots at the bottom of 2 characters. This has happened before and is a standard plot for phishing scams. After capturing account info from unsuspecting users, the hackers were then ready to attack. Yesterday, the attack took place and Binance explained the drama:
Yesterday, within the aforementioned 2 minute period, the hackers used the API keys, placed a large number of market buys on the VIA/BTC market, pushing the price high, while 31 pre-deposited accounts were there selling VIA at the top. This was an attempt to move the BTC from the phished accounts to the 31 accounts. Withdrawal requests were then attempted from these accounts immediately afterwards.
However, as withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the hackers were also frozen. Not only did the hacker not steal any coins out, their own coins have also been withheld.
There were a few BTC holders that saw some of the currency used to by VIA or other coins after they unwittingly handed over their credentials to the hoodlums. These are trades that Binance cannot reverse and the company advised traders to take precautions to safeguard their private info.
The outcome of the Binance Hack is a positive one and in contrast to several other hacks that saw millions in crypto pilfered due to insufficient security protocols. This is a severe problem for crypto exchanges in general. Not only does weak cybersecurity leave users at risk it heightens the possibility of regulatory action against exchanges.