Binance Thwarts ‘Large Scale’ Theft Attempt That Sees Hackers Lose Their Funds

Francisco Memoria
  • Hackers attempted to manipulate the market by creating Viacoin buy orders with phished accounts
  • Using their accounts, they then sold Viacoin at a large premium on the VIA/BTC trading pair and attempted to withdraw bitcoin.
  • The activity triggered Binance's security systems, which halted withdrawals and prevented the hackers from cashing out

Binance, one of the world’s largest cryptocurrency exchanges, recently saw users complain their altcoin balances were being liquidated for bitcoin, and then used to buy a little-known cryptocurrency named Viacoin. According to the exchange, it was all part of a sophisticated theft attempt, that Binance managed to thwart.

Per the exchange’s investigation, a group of “well organized” hackers attempted to manipulate the market and steal user’s funds. Their plot saw them initially launch a ‘phishing’ scheme in early January, in which they purchased domain names resembling Binance.com. They created copies of the exchange’s interface, to trick users into entering their credentials.

Once they acquired people’s login credentials, the hackers created API keys for each account they controlled. These keys are used to trade with bots, and as such only allow those who control them to trade, not withdraw.

After the keys were created, the hackers went silent waiting “for the most opportune moment to act.” Yesterday, the hackers decided it was time to make their move, and started using people’s API keys to place a “large number” of Viacoin buy orders. The move saw the cryptocurrency’s price surge by as much as 1,100 percent in about a minute.

VIA pump.png

On their own accounts, the hackers then sold Viacoin for bitcoin at high prices. Their orders were matched because of the orders placed on the accounts they phished. Per Binance, as soon as these trades were completed, withdrawal requests were “immediately” attempted.

However, the unusual trading activity triggered Binance’s “automatic risk management system.” The system, as Binance’s summary reads, halted withdrawals:

“However, as withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the hackers were also frozen. Not only did the hacker not steal any coins out, their own coins have also been withheld.”

Binance

The cryptocurrency exchange successfully kept user’s funds safe, and in fact kept the funds the hackers initially used to make their orders. Binance has since revealed that it will reverse most transactions to undo the damage. Some transactions won’t be reversible, however, as the hackers’ accounts were not the counterparty, meaning they were just made to boost Viacoin’s price.

Interestingly, the company’s CEO, Changpeng Zhao, revealed that the coins withheld from hackers will be donated to Binance Charity.

Weekly Newsletter

Coinbase Hosting an Event for Software Engineers

Jordana Sacks
  • Coinbase is set to host an event that will be of special note to software engineers with an interest in the sector.
  • ‘Scaling Coinbase, an Engineer’s Perspective’ will take place in London on 4th July 2018.

Coinbase is set to host an event in London, which will examine not only the investment potential of cryptocurrencies, but also their likely impact on both commerce and the wider world.

‘Scaling Coinbase, an Engineer’s Perspective’ will be hosted at the WeWork Mansion House on the 4th July 2018. The two-hour long talk will examine the recent surge in consumer interest, and how this could benefit our society.

The event is envisaged as being of special significance to software engineers with an interest in the sector. Providing information on digital currencies, as well as what Coinbase is doing to develop the space, it will involve talks from a number of key figures.

First to take the stage will be Zeeshan Feroz, UK GM for Coinbase. Mr Feroz will deliver an overview of the company, as well as its mission, history, and where it’s headed. He is also expected to discuss current trends, and what these mean for the future of the industry. 

Software engineer Anthony Dmitriyev will follow him onto the podium, with the aim of digging deeper into engineering culture. Looking at everything from how code is tested to review processes and the deployment pipeline, his session should be of particular interest to those present.   

The final speaker will be Sohail Khanifar, another software engineer, who will discuss the company’s migration from Objective-C to Swift in the iOS codebase, as well as how the company keeps up to speed with emergent trends.

A question and answer session is scheduled into the itinerary once the three presentations have been delivered.

The event is one of a number that Coinbase is set to host in 2018. Intended to furnish interested parties with the necessary knowledge to not only trade themselves, but potentially lend their own untapped skills to the continuing development of the business and the wider industry, they have experienced increasing interest in recent months.