At this point in 2019, there are many signs that the crypto markets are starting to mature. However, there is one issue that continues to plague the industry – exchange hacks. Crypto intelligence firm Ciphertrace estimates that $356 million was stolen from exchanges in the first quarter of 2019 alone.
The recent breach of Binance, where hackers made off with 7,000 BTC, stands out for a couple of reasons. Firstly, this was the only instance where hackers managed to breach this particular exchange. Before this, the world’s biggest exchange was renowned for having remained secure against thieves ever since it started trading in 2017.
Secondly, aside from a short closure, Binance was able to refund its users, re-open its doors and continue on almost as if nothing had happened. This is thanks to the exchange’s policy of having its own insurance fund, which it calls Secure Asset Fund for Users, or SAFU, in place to protect against losses in the event of a hack.
What Happened with the Binance Hack?
On May 7, CEO Changpeng Zhao [CZ] announced via his Twitter account that the exchange was undergoing unscheduled server maintenance. A few hours later, it was confirmed that the exchange had been breached. API keys and 2-factor authentication [2FA] codes were stolen through a combination of phishing and viral attacks. Hackers had swiped around $40m worth of BTC, amounting to 2% of the total exchange holdings.
The same day that the attack took place, CZ published a post on the company blog to explain the breach and the steps that the company intended to take. The blog post stated that the company would be conducting a thorough security review which would take around a week.