Binance Hacker Consolidates Stolen Bitcoin to Seven Addresses

The hacker(s) who performed a large-scale security breach on Binance, the world’s largest crypto exchange in terms of trading volume, have now transferred the 7,070 Bitcoin (BTC) they stole to only seven addresses.

Hackers Also Obtained Users' 2-Factor Authentication Codes And API Tokens

On Tuesday (May 7th, 2019), Binance suffered a damaging hack in which hackers managed to not only steal bitcoin’s valued at over $40 million, but they also reportedly gained access to users’ 2-factor authentication codes and API tokens.

According to a report published by The Block on May 9th, 2019, the stolen Bitcoin was transferred from Binance’s hot wallet on Tuesday via a single transaction - which consisted of 44 outputs. Notably, 21 of these were Segwit, of Bech32, crypto addresses and 99.97% of the funds have been moved to them.

Moreover, the hacker(s) have now consolidated the stolen bitcoins from the 44 crypto addresses to only seven addresses. At present, six of these addresses hold 1,060.6 BTC and one address is holding 707.1 BTC.

The addresses reportedly containing the stolen BTC are as follows:

  1. bc1q3a5hd36jrqeseqa27nm40srkgxy8lk0v0tpjtp (Bech32 address holding 707.1 BTC)
  2. bc1q2rdpyt8ed9pm56u9t0zjf94zrdu6gufa47pf62 (Bech32 address holding 1,060.6 BTC)
  3. bc1qx3628eh9tdnm0uzculu8k6r2ywfkc5zns2hp0k (Bech32 address holding 1,060.6 BTC)
  4. bc1qnf2ja3ffqzc3hskanjse6p8zag52fm6jgmmg9u (Bech32 address holding 1,060.6 BTC)
  5. bc1qw7g5uxxl750t0h2fh9xajwuxp4qt634yh3vg5q (Bech32 address holding 1,060.6 BTC)
  6. 16SMGihY94H8UjRcxwsLnDtxRt7cRLkvoC (P2PKH address holding 1,060.6 BTC)
  7. 1MNwMURYw1LkPnnpda2DQkkUsXXeKL9pmR (P2PKH address holding 1,060.6 BTC)

Before The Block confirmed the list of addresses above (which currently contain the stolen funds), Confirm, a London-based anti-money laundering and counter-terrorism (AML/CTF) firm had revealed via Twitter that it found that 1,227 BTC was initially moved from the Binance hot wallet to two other crypto addresses, one of which contained 520 BTC and the other held 707 BTC.

Binance CEO Considers Chain Reorg After Hack

Following the 7,070 bitcoin hack, Binance CEO Changpeng Zhao (or “CZ”) had initially proposed the idea of performing a chain reorg - which could reverse the set of transactions made by the hacker(s). This, CZ had first said, would help recover the funds and serve as “revenge” against the malicious actors.

However, the crypto entrepreneur decided not to attempt a chain reorg after consulting with various experts in the cryptoasset industry.