Unfortunately, we have to talk about another attack on a cryptocurrency exchange, and this case is especially painful because the victim is the well-known and ubiquitous Binance, which is basically the exchange that almost all of us who trade use; we talked about it a few months ago in this blog entry. It is also painful because they have not taken a small amount of money: just over 7000 Bitcoins, 40 million dollars at the current exchange rate (6000 dollars per Bitcoin).
Before you continue reading
If you are a Binance user, CZ himself has recommended changing your API keys and resetting your 2FA codes (we already talked about 2FA, or two-factor authentication, a few months ago). I already have.
What have they done this time?
Once again, the attackers have taken their time to organize a good attack and take as much money as possible. And they have done it especially well, both in planning the attack and in getting the cryptocurrency out. Let's look at it very schematically:
Preparing the attack
According to the information Binance has at this moment, the attackers were able to access users' cryptocurrency wallets using various techniques such as phishing, Trojans, viruses… The point is that for a long time they have been attacking wallets to gain access to them and have simply kept that access, waiting for the right moment.
Moving the funds
At a specific time (it is not known whether this was because they were about to lose access or because the price of BTC is at a good level right now), they moved all the funds to one account inside Binance and, after this, withdrew them from that account to several accounts outside the exchange. This transaction is recorded on the blockchain, where you can see that the total is 7074 BTC, just over 42 million dollars. Not bad.
Consequences
The first thing that Binance users should do is change their password, revoke their API keys if enabled and reset their two-factor authentication codes. Even though it may seem too obvious to mention, many of them are not going to do it, so the bad guys will continue to have access to their wallets.
The second consequence is that there is going to be a fall in the Bitcoin price. This kind of thing causes FUD (fear, uncertainty and doubt) among users, so they sell, and this has a direct impact on the price of the cryptocurrency.
What about users’ wallets?
Nothing: Binance is going to replace all of the stolen cryptocurrency. And that's why I always recommend using a big, reliable exchange. A few months ago, Binance announced what they call SAFU (Secure Asset Fund for Users), which is basically a fund into which Binance transfers 10% of the fees it earns from cryptocurrency trading. This 10% of each transaction accumulates for users' peace of mind, since in cases like this they are able to replace the lost money immediately. Point for them.
Lessons learned
We have all learned something from this attack. First should be the users, who have surely neglected security: we have not reviewed the latest IP addresses that connected to our wallet, we have not changed our password or API keys in a long time and, above all, we have fallen for some 'traps' that the bad guys set for us in order to get hold of those credentials.
For its part, Binance has learned its lesson and said that an attack like this will not happen again, so they will implement measures that detect this type of mass operation and IP addresses that connect to a multitude of wallets. We will see in a few months whether these measures have been sufficient.
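The kind of check described above, flagging IP addresses that connect to many wallets in a short time, could look like the following. This is an added example, not Binance's code or part of the original post; the event format, thresholds and function name are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (timestamp, source IP, account id); IPs are RFC 5737 documentation addresses.
SAMPLE_EVENTS = [
    # One user logging in repeatedly from one IP: normal.
    ("2019-05-07T09:00:00", "192.0.2.10", "acct-100"),
    ("2019-05-07T09:30:00", "192.0.2.10", "acct-100"),
    ("2019-05-07T09:45:00", "192.0.2.10", "acct-100"),
    # Shared IP used by four accounts, but spread over several days.
    ("2019-05-01T08:00:00", "203.0.113.5", "acct-200"),
    ("2019-05-02T08:00:00", "203.0.113.5", "acct-201"),
    ("2019-05-03T08:00:00", "203.0.113.5", "acct-202"),
    ("2019-05-04T08:00:00", "203.0.113.5", "acct-203"),
    # One IP touching five accounts within 20 minutes.
    ("2019-05-07T17:00:00", "198.51.100.7", "acct-300"),
    ("2019-05-07T17:05:00", "198.51.100.7", "acct-301"),
    ("2019-05-07T17:10:00", "198.51.100.7", "acct-302"),
    ("2019-05-07T17:15:00", "198.51.100.7", "acct-303"),
    ("2019-05-07T17:20:00", "198.51.100.7", "acct-304"),
]

def shared_ip_alerts(events, window=timedelta(hours=1), max_accounts=3):
    """Map each IP that reached more than max_accounts distinct accounts
    inside any sliding window to the sorted list of those accounts."""
    by_ip = defaultdict(list)
    for ts, ip, account in events:
        by_ip[ip].append((datetime.fromisoformat(ts), account))
    alerts = {}
    for ip, seen in by_ip.items():
        seen.sort()                   # oldest event first
        counts = defaultdict(int)     # account -> events inside the window
        start = 0
        for ts, account in seen:
            counts[account] += 1
            # Drop events that have aged out of the window.
            while ts - seen[start][0] > window:
                old = seen[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            if len(counts) > max_accounts:
                alerts.setdefault(ip, set()).update(counts)
    return {ip: sorted(accounts) for ip, accounts in alerts.items()}

if __name__ == "__main__":
    for ip, accounts in shared_ip_alerts(SAMPLE_EVENTS).items():
        print(f"ALERT {ip} reached {len(accounts)} accounts: {accounts}")
```

Shared NAT or VPN egress addresses will trip a low threshold, so the window and account limit need tuning against real traffic.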

Today, 29/05/19, at 1:30 hrs Venezuela time, all the crypto assets were taken out of Binance with an IP from India and Russia
Really? What happened? I haven't read anything about it
It would be cool to see a review of the quantfury broker; it's very interesting, in case you don't know it
Hi Álvaro, thank you very much for your comment. The truth is that I don't fully trust that kind of broker. I use Delta to monitor my cryptos across different exchanges, but in 'read-only' mode, so to speak: I don't make transactions with Delta; instead I go to the website or the app of each exchange. The exchanges' APIs allow you to generate transaction keys and read-only keys, so I normally only generate the latter.
And mind you, it's not because I think a fraudulent operator could get into my wallet… but I don't quite trust the custody these people keep of my credentials, API keys and so on. I have friends who have used it at some point without problems; the idea of having everything centralized in a single app that guarantees you the lowest fees seems very, very good to me, but I can't quite trust them.