Binance, a global cryptocurrency exchange headquarted in China announced that it has discovered a ‘large security breach issue’ . Hackers withdrew more than 7,000 bitcoins worth $40.7 million from the exchange in a single transaction. In addition, they have obtained a large number of user API keys, 2FA codes, and other relevant information, an official press release said.
The press release noted that the hackers have well-orchestrated their actions using a variety of techniques such as phishing, viruses, and other attacks to acquire a large amount of data. The transaction was structured in a manner that cleared the existing security checks.
The illegitimate transaction by the bitcoin hackers has only affected Binance’s BTC hot wallet which contained about 2 percent of its total BTC holdings. Binance’s other wallets remain secure and unharmed, the press release reassured. However, the discovery stoked an internal alarm encouraging the exchange to freeze the withdrawals.
The disclosure came hours after Binance CEO Changpeng Zhao tweeted that the exchange was under ‘some unscheduled server maintenance’. After the official announcement, Zhao tweeted that the exchange will ‘provide a more detailed update shortly’.
Now, the exchange will use its Secure Asset Fund for Users (SAFU) to cover the incident which will not impact users. Binance plans to conduct a full-fledged security review which will include all the systems and data. The estimated date to complete the review is one week.
The exchange in the press release said, “We will continue to enable trading, so that you may adjust your positions if you wish. Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime. We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.”