Binance Thwarts ‘Large Scale’ Theft Attempt That Sees Hackers Lose Their Funds

  • Hackers attempted to manipulate the market by creating Viacoin buy orders with phished accounts
  • Using their accounts, they then sold Viacoin at a large premium on the VIA/BTC trading pair and attempted to withdraw bitcoin.
  • The activity triggered Binance's security systems, which halted withdrawals and prevented the hackers from cashing out

Binance, one of the world’s largest cryptocurrency exchanges, recently saw users complain their altcoin balances were being liquidated for bitcoin, and then used to buy a little-known cryptocurrency named Viacoin. According to the exchange, it was all part of a sophisticated theft attempt, that Binance managed to thwart.

Per the exchange’s investigation, a group of “well organized” hackers attempted to manipulate the market and steal user’s funds. Their plot saw them initially launch a ‘phishing’ scheme in early January, in which they purchased domain names resembling They created copies of the exchange’s interface, to trick users into entering their credentials.

Once they acquired people’s login credentials, the hackers created API keys for each account they controlled. These keys are used to trade with bots, and as such only allow those who control them to trade, not withdraw.

After the keys were created, the hackers went silent waiting “for the most opportune moment to act.” Yesterday, the hackers decided it was time to make their move, and started using people’s API keys to place a “large number” of Viacoin buy orders. The move saw the cryptocurrency’s price surge by as much as 1,100 percent in about a minute.

VIA pump.png

On their own accounts, the hackers then sold Viacoin for bitcoin at high prices. Their orders were matched because of the orders placed on the accounts they phished. Per Binance, as soon as these trades were completed, withdrawal requests were “immediately” attempted.

However, the unusual trading activity triggered Binance’s “automatic risk management system.” The system, as Binance’s summary reads, halted withdrawals:

“However, as withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the hackers were also frozen. Not only did the hacker not steal any coins out, their own coins have also been withheld.”


The cryptocurrency exchange successfully kept user’s funds safe, and in fact kept the funds the hackers initially used to make their orders. Binance has since revealed that it will reverse most transactions to undo the damage. Some transactions won’t be reversible, however, as the hackers’ accounts were not the counterparty, meaning they were just made to boost Viacoin’s price.

Interestingly, the company’s CEO, Changpeng Zhao, revealed that the coins withheld from hackers will be donated to Binance Charity.

Why Creating a Cryptocurrency Exchange Account May Be a Security Risk

Its well-known security is paramount in the cryptocurrency space, as once a hacker manages to get a hold of your coins there may be no going back – the funds may soon be laundered and lost forever.

While there are various well-known tips and tricks used to protect your crypto holdings – including using a cold storage solution – centralized cryptocurrency exchanges have been representing a security risk: not because they get hacked, but because of the accounts being created.

Most top exchanges have been hacked. Even Binance lost 7,000 BTC in May 2019 after hackers managed to obtain a “large number of user API keys, 2FA codes” to get to the cryptocurrency. As Binance did, exchanges often own up to these attacks and manage to repay users.

Some of these platforms even offer insurance on cryptoasset holdings: so chances of losing your crypto are minimized. The problem with creating an account isn’t related to exchanges getting hack, but it’s related to your personal safety.

Data Leaks Happen

Creating an account with any online service means you are sharing important data with them – your email address, date of birth, location, and other identifiable information. This information, if a data leak is to occur, may see your data get online.

After its online, hackers will sell it on darknet marketplaces for crypto, so scammers can use it to target you. What follows are phone calls trying to swindle you, phishing attempts, social engineering attempts, and more.

Unfortunately, data leaks are fairly common. These even occur in the cryptocurrency space, as last year for example BitMEX accidentally leaked its customers’ data because of a simple mistake as it sent out emails to batches of users with all email IDs visible in the ‘CC’ line. The accident, caused by an error in the software, created thousands of potential phishing victims for hackers.

The solution is simple: not having to create an account at all. If a service doesn’t use your email address, it can’t accidentally leak it. Similarly, if it doesn’t have a password to store, if it gets hacked your password won’t end up online.

ChangeNOW: an Account-Free Exchange

Enter ChangeNOW, a non-custodial cryptocurrency exchange that lets users trade over 200 cryptocurrencies – in over 40,000 trading pairs – without having to register an account with it. To use the service, all users need to do is determine which cryptocurrency they want to send and which they want to receive.

They then enter the amounts, send over the funds to an address given to them by ChangeNOW, and wait for the transactions to confirm. Using the service, it’s possible to buy cryptocurrency with Visa and MasterCard through a third-party, Simplex.

The exchange has partnered with prominent cryptocurrency wallet providers, including Trezor, Edge, Atomic, and CakeWallet, to help on-board new users. Data shows 98% of their transactions take around two minutes to complete, while the remaining 2% are handled by its customer support team, available 24/7.