Binance has been hacked in a coordinated attack. It resulted in $40 million worth of Bitcoin stolen. The famous crypto-exchange suffered a major security breach for the first time making a lot of noise and lifting quite an important controversy. It recently confirmed that it suffered a large scale hack in which 7,000 BTC ( ̴ $40 million and roughly 2% of the exchanges’ holdings) were stolen in a single transaction from one of their hot wallets.
Former finance analyst, now Blockchain consultant, blogger and educator.
My mission is to show how Blockchain is shaping the way our children will live.
Well-organized and very patient hackers…
Successfully attacking Binance was no joke. It took a variety of techniques and the coordination of multiple malicious accounts that managed to act at the most opportune moment. An organization that required time and highly skilled hackers.
“The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.”
The history of crypto-exchanges has seen worse hacks in dollar terms, but what made so much noise is that this episode saw involved directly the leading exchange and one of the main personalities of the crypto-space, its CEO Changpeng Zhao (known as CZ on Twitter).
Binance was, until now, famous for its clean hack record, having stopped many attempts so that “Funds are safe“, or in CZ words “Funds are SAFU” almost became its trademark.
Right after the transaction, Binance security procedures blocked the withdrawals that haven’t been restored yet. Binance promptly communicated that will be able to completely cover the theft with his emergency insurance fund, the SAFU (Secure Asset Fund for Users).
The controversial proposal
A controversy arose as the proposal of re-organizing the Bitcoin blockchain came out. CZ received quite a large number of “Wait what?” reaction messages on his Twitter account from many personalities included the founder of Ethereum Vitalik Buterin. Eventually, CZ firmly discarded such hypothesis.
Reorganizing a blockchain means rolling back a blockchain until the block containing a certain event. In this case, it would be the hack. Then blocks should be reorganized as if nothing happened. Similar to what happens in movies when a scene is deleted.
There are many reasons why this might not be a winning move. Nevertheless, from a tech perspective it could be curious to see how Bitcoin blockchain would deal with a situation like this. Some of the reasons include:
1. Bitcoin is the most immutable ledger in existence. Immutability is the cornerstone of blockchain technology and re-organizing it would mean damaging its credibility.
2. It would imply massive computing power, funds and nodes coordination. A combination that has never been tried before which such a relatively small damage cannot justify.
3. Ultimately, highlighted by CZ, it may cause a split in both the bitcoin network and community as it happened for Ethereum Classic and the damage is not worth the loss.
The next hours will be crucial
It looks like hackers have always seen big opportunities in this new, little explored and still vulnerable cryptocurrency world. Sophisticated hacks like this, however, point out vulnerabilities that are very difficult to spot. In a sense they have provided Binance a unique help in its pursue of building the bulletproof exchange.
Quite an expensive service though… But when properly prepared, enterprises might even find in these situations an occasion to shine in front of their customers and competitors. Let’s see if Binance will be able to write another case study and hop back on the horse.