Hackers Go Phishing, But Binance Cuts the Lines
Yesterday, posts began to flood the r/BinanceExchange subreddit complaining about unauthorized sell orders. In one such post, u/shashankkgg laments that all of his altcoins were sold at market price:
“WTF is happening! Binance just sold all my alts at market rate and I have got just the Bitcoin now. Is it because of account getting hacked or binance bot issue? Have raised a ticket 715903 for this.”
Other users echoed the OP’s experience, with one user crying out, “Wtf??? All my coins got sold and i brought via coin? Did i just get hacked?” Meanwhile, Viacoin’s price popped-off on Binance, and some users saw their bots unwillingly sell their altcoins to buy Viacoin in the throes of the debacle. Theories began to surface that the API/bot sell-off was coordinated to pump Viacoin for the hacker(s) own profit.
After the initial outcry, an official thread by the Binance team assured users that they “are investigating reports of some users having issues with their funds” and that the “team is aware and investigating the issue as we speak.” The post continues to reveal that “the only confirmed victims have registered API keys (to use with trading bots or otherwise).” As a precautionary measure, Binance temporarily suspended all withdrawals, while leaving deposits and trading fully functional.
Last night, the Binance team release a post on their support page detailing the incident. They chalk it up to a massive, well-coordinated phishing attempt, but they ensure users that “[all] funds are safe and no funds have been stolen.”
According to Binance, the hacker(s) had been accumulating user accounts for some time, beginning sometime in January and really picking up steam in February. The malicious actors used a practically identical domain name to nab user accounts, one that used an umlaut accent mark underneath two characters in the Binance name.
A user’s history. Can you see the two dots under the domain name? Phishing website that redirects to the real website after login. Additionally, after you log in once, it doesn’t let you access the phishing site again – will auto-redirect you to Binance (even after logging out) pic.twitter.com/WOKhKrp7tx
— CZ (not giving crypto away) (@cz_binance) March 7, 2018
After hijacking user profiles, the hacker(s) created API trading bots for each account and waited until the right opportunity to make their next move. That move came yesterday within a two minute period, and it involved artificially inflating the price of Viacoin, according to the post:
“Yesterday, within the aforementioned 2 minute period, the hackers used the API keys, placed a large number of market buys on the VIA/BTC market, pushing the price high, while 31 pre-deposited accounts were there selling VIA at the top. This was an attempt to move the BTC from the phished accounts to the 31 accounts. Withdrawal requests were then attempted from these accounts immediately afterwards.”
Thankfully, Binance’s risk management system kicked-in and suspended withdrawals once it spotted the abnormal trading action. Because of this, the hackers could not actually reap the rewards of their bounty, and Binance froze the accounts they used to pump Viacoin before-the-fact. So they ended up losing, not gaining, in the end, and Binance’s CEO announced that the exchange will be donating these coins to charity.
Binance has reversed all irregular trades. All deposit, trading and withdrawal are resumed. will write a more detailed account of what happened shortly. Interestingly, the hackers lost coins during this attempt. We will donate this to Binance Charity.
— CZ (not giving crypto away) (@cz_binance) March 7, 2018
While the exchange reversed any irregular trades executed against the hacker(s)’s accounts, they couldn’t reverse the BTC/VIA trades from phished accounts. In the post, the Binance team explains: “Unfortunately, those trades did not execute against any of the hackers’ accounts as counterpart. As such, we are not in a position to reverse those trades. We again advise all traders to take special precaution to secure their account credentials.”
Still, the team handled the debacle with *relatively* few losses. The security measures they had in place were robust enough to catch the situation before it got out of hand, and the CZ and the rest of the Binance squad navigated the situation with transparency and poise. This will hopefully serve as a model for risk management and damage control for other exchanges, as this certainly won’t be the last entry in the ever-continuous saga of hackers vs. exchanges.
The post Binance Explains API/Phishing Attack, Hackers Walk Away Losing Money appeared first on CoinCentral.
TheBitcoinNews.com – Bitcoin News source since June 2011 –
Virtual currency is not legal tender, is not backed by the government, and accounts and value balances are not subject to consumer protections. TheBitcoinNews.com holds several Cryptocurrencies, and this information does NOT constitute investment advice or an offer to invest.
Everything on this website can be seen as Advertisment and most comes from Press Releases, TheBitcoinNews.com is is not responsible for any of the content of or from external sites and feeds. Sponsored posts are always flagged as this, guest posts, guest articles and PRs are most time but NOT always flagged as this. Expert opinions and Price predictions are not supported by us and comes up from 3th part websites.
Advertise with us : Advertise
Our Social Networks: Facebook Instagram Pinterest Reddit Telegram Twitter Youtube
