It takes patience to steal more than 7000 Bitcoin (approximately US$41 million) from cryptocurrency exchanges, despite global awareness that such attacks are becoming more prolific.
This week Binance fell victim to the attack, which left them approximately US$41 million out of pocket. Luckily, no user funds will be affected because the company is using its Secure Asset Fund for Users to cover the losses.
Binance is still investigating what happened, but it appears that the attackers got hold of user API keys, 2FA codes, and other information. They then stole the 7000 Bitcoin from the company's BTC hot wallet.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” a statement from the company says.
Withdrawals and deposits are suspended until further notice. The company will also conduct a security review of all systems and data.
Here is what cybersecurity experts have to say about the Binance breach.
Webroot senior cybersecurity analyst Tyler Moffitt
“While last year’s attack on Binance failed to yield any cryptocurrency for the attackers, it appears this attack was more successful, as they used a variety of techniques to infiltrate the Binance hot wallet and make a very sizeable withdrawal.
“It’s promising to see Binance’s commitment to transparency at this time, though such a significant attack is a reminder that the emerging crypto market is being faced with rapidly evolving threats from sophisticated actors.
“This reminds us of the importance of keeping cryptocurrencies in wallets where owners control the private keys. As cyberattacks on exchanges become more common, traders should only use exchanges to make trades, then remove the funds from the platform and store them in cold wallets as you would a physical wallet.”
ImmuniWeb founder and CEO Ilia Kolochenko
“Today, all cryptocurrency-related businesses should be well prepared to defend against constant and sophisticated cyber attacks. In reality, however, virtually all of them underestimate or ignore digital risks and allocate scant resources for cybersecurity. Most have to compete on a very aggressive and turbulent market and thus are reducing their costs by all available means. Software development suffers most tremendously as cheap outsourced code cannot be secure by definition.
“To bring certainty to the cryptocurrency markets, clear regulatory standards are required, such as PCI and PA DSS. Even if they are not a silver bullet, they greatly reduce both the number and average volume of credit card theft.”
Cofense Europe director David Mount
“While Binance has no doubt already begun its breach remediation process, cyber-attacks and data breaches, such as this one, are an uncomfortable topic for many organisations. Businesses across the globe have attempted to tackle threats through huge investments in next-gen technology and increased employee awareness training, but to no real avail. The problem? While organisations think they know what attacks – especially phishing attacks – look like and how to best defend against them, the reality is, threat actors are changing their tactics so quickly, businesses just can’t keep up.”