Binance Gets Hacked: 7000 Bitcoin Taken From Its BTC Hot Wallet in One Transaction

At 23:40 UTC on Tuesday (May 7), digital asset exchange Binance announced that it had suffered a major security breach—discovered at 17:15 UTC that day—as a result of which it lost 7000 BTC.

The first sign of trouble came at around 19:06 UTC on Tuesday when Changpeng Zhao (aka "CZ"), co-founder and CEO at Binance, sent out a tweet to announce "some unscheduled server maintenance":

Then, approximately, four and a half hours later, Binance sent out this tweet to explain why despots/withdrawals had been disabled:

Here are the facts and their implications according to Binance's announcement:

  • Binance detects "a large scale security breach" at 17:15:24  UTC on May 7.
  • The hackers had used various techniques ("phishing, viruses and other attacks") to obtain "a large number of user API keys, 2FA codes, and potentially other info;" Binance is continuing its investigation.
  • During this attack, only Binance's BTC hot wallet (which contained 2% of Binance's entire BTC holdings) was affected, and the stolen 7000 BTC (worth over $40 million) was withdrawn in a single Bitcoin transaction.
  • The hackers used multiple ("seemingly independent") compromised user accounts to perform the attack; Binance's security checks, sadly, did not detect what was going on, and alarms only got triggered once the withdrawal had been executed, at which point all withdrawals were disabled.
  • Binance will use its Secure Asset Fund for Users (SAFU), which was announced on 3 July 2018, to make sure that its users do not suffer any financial loss.
  • Binance has started a "security review" that is expected to take around one week. During this period, no deposits or withdrawals are possible, but trading is allowed to continue.

Here is a screenshot from Blockchain.com's blockchain explorer tool that shows the "7000 BTC transaction":

Binance Hack - 7000 BTC Transaction Screenshot.png

In case you are wondering how these funds were stolen in a single transaction, as Dovey Wan, a founding partner at crypto-focused investment firm Primitive Ventures explained on Twitter, "BTC block confirmation is slow so hacker finished all requests via API call and confirmed in 1 BTC transaction."

In a Periscope session that was scheduled for 03:00 UTC on Wednesday (May 8), CZ asked all Binance users to reset their Two-Factor Authentication (2FA) credentials since Binance doesn't know how many users affected. Also, he warned all API users to recreate their API keys.

Even more importantly, CZ mentioned that Binance is considering a "rollback" (reorganizing the Bitcoin blockchain) to recover the stolen funds, but did not like this idea because because it might "destroy credibility for Bitcoin."

The news has naturally affected the crypto markets, with almost all cryptoasets currently in the red.

According to CryptoCompare, at press time, BTC is trading at $5,844.34, down 2.26% in the past 24-hour period:

BTC - 24 Hour CC CHart - 8 May 2019.png

Binance Coin (BNB) has been harder hit:

BNB - 24 Hour CC Chart - 8 May 2019.png

These are a few reactions from the crypto community on Twitter:

  • Su Zhu (CEO and CIO at Three Arrows Capital): "Sometimes when I step back and think, am amazed by how crypto industry news has become mainstream and white glove finance news. Binance hack has made it to Bloomberg terminal front page, featuring along-side reportings on central bank activities."
  • Arianna Simpson (Founder & Managing Director at ASP): "Welllllll on the upside I guess the Binance hack is good marketing for their DEX initiative?"
  • Alex Krüger (Economist, Trader, and Analyst): "In a bear market this would have easily have caused a deluge. Either way, good excuse for bulls to take cover, bears to charge."
  • Justin Sun (Founder and CEO of TRON Foundation): "To support @binance , I will personally deposit 7000 BTC worth USDT (40 million USDT) into @binance to buy $BNB, $BTC , $TRX & $BTT if @cz_binance agrees. No need to #FUD! Funds are #SAFU! "
  • Gabor Gurbacs (digital asset strategist/director at VanEck/MVIS): "Good for @justinsuntron , @Tronfoundation and the exchange world to offer help to @binance and @cz_binance in times of need. That’s the spirit. Even if they don’t need help, we shall stand together during hard times. "
  • Twitter user @theonevortex: "Even if a friendly blockchain reorg was possible to specifically target the stolen funds it would absolutely set a terrible precedent in #bitcoin. The perception of immutability and digital gold would be lost entirely."
  • Katherine Wu (former director at Messari): "Update: hours after breach event @cz_binance is personally taking questions from twitter in live video. This level of transparency and response is absolutely commendable."

2019 is the year we may see the highest volume of security breaches. For many, now is the time to take decisive action after the Binance hack.

Featured Image Credit: Photo via Pixabay.com

CME Looks to Double Bitcoin Futures Limit, but Is This Wise?

The Chicago Mercantile Exchange (CME) has a new request for its regulator, as it looks to double open position limits on bitcoin futures contracts in the face of significant interest.

Nasdaq reports that the CME has already petitioned its regulatory body, the Commodity Futures Trading Commission (CTFC), asking for an increase from 1000 contracts per spot month to 2000 per investor. Each contract represents five BTC, so essentially, at its peak,  a single investor's total position may edge towards a monumental 10,000 BTC.

This is in direct response to the contract's recent growth which is currently depicting record levels of activity, citing $370 million being traded per day. A spokesperson for the CME noted that the idea to increase limits was proposed on the continued maturity of the market:

Based on the significant growth and acceptance of our financially-settled CME Bitcoin futures markets, as well as our analysis of the underlying bitcoin market.

However, as Nasdaq writes the increase in the upper limit of positions is somewhat superfluous. As of July, the number of open interest contracts reached an all-time high of just 6100; given this, it seems the CME may be future-proofing.

Open to Manipulation?

However, concerns remain about the limit increase, as without them, the potential for manipulation rises; often to the detriment to the underlying asset. Although, as per the CTFC website, the threat of manipulation from bitcoin futures contracts is "low":

In general, position limits are not needed for markets where the threat of market manipulation is non-existent or very low.

Instead, Nasdaq posited that this might point to a lessening on the CTFC's strict rule of bitcoin; as well as a maturing of the market in general.

Nevertheless, some believe the CME's bitcoin futures contracts do pose a significant threat to the price of BTC; with some suggesting that blatant manipulation continues unchecked within the market.

As reported, there seems to be a correlation between the expiry dates of CME bitcoin futures contracts and a lull in the price point of BTC. In several instances, a significant drop in bitcoin's price has coincided with a closure from the CME. The most recent example of this occurred on Labor Day, September 2, when bitcoin rose an extraordinary 8% shortly after the CME shut.

Crypto analyst, Alex Kruger, highlighted this, noting the large gaps which formed on the CME chart, from the price discrepancy before and after closing.

This has become a pretty accepted practice within the market. Kruger has even gone to the lengths of compiling statistics each time this phenomenon transpired:

On these occasions, bitcoin cited an average 4.6% price discrepancy following the close of the CME.

Whether this is a coincidence or the market is indeed being actively manipulated is as yet unclear. Either way, with the increase of these limits it might be only a matter of time until we know for sure.

Featured Image Credit: Photo via Pixabay.com