sb-nz logo
Story image

Another cryptocurrency exchange breached, but at least investors are safe

09 May 2019

It takes patience to steal more than 7000 Bitcoin (approximately US$41 million) from cryptocurrency exchanges, despite global awareness that such attacks are becoming more prolific.
This week Binance fell victim to the attack, which left them million out of pocket. Luckily, no user funds will be affected because the company is using its Secure Asset Fund for Users to cover the losses.

Binance is still investigating what happened, but it appears that the attackers got hold of user API keys, 2FA codes, and other information. They then stole the 7000 Bitcoin from it’s the company BTC hot wallet.

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” a statement from the company says.

Withdrawals and deposits are suspended until further notice. The company will also conduct a security review of all systems and data.

Here are what cybersecurity experts have to say about the Binance breach.

Webroot senior cybersecurity analyst Tyler Moffitt

“While last year’s attack on Binance failed to yield any cryptocurrency for the attackers, it appears this attack was more successful, as they used a variety of techniques to infiltrate the Binance hot wallet and make a very sizeable withdrawal.

"It’s promising to see Binance’s commitment to transparency at this time, though such a significant attack is a reminder that the emerging crypto market is being faced with rapidly evolving threats from sophisticated actors.

"This reminds us of the importance of keeping cryptocurrencies in wallets where owners control the private keys. As cyberattacks on exchanges become more common, traders should only use exchanges to make trades, then remove the funds from the platform and store them in cold wallets as you would a physical wallet.”

ImmuniWeb founder and CEO Ilia Kolochenko

“Today, all cryptocurrency-related businesses should be well prepared to defend against constant and sophisticated cyber attacks. In reality, however, virtually all of them underestimate or ignore digital risks and allocate scant resources for cybersecurity. Most have to compete on a very aggressive and turbulent market and thus are reducing their costs by all available means. Software development suffers most tremendously as cheap outsourced code cannot be secure by definition. 

"To bring certainty to the cryptocurrency markets clear regulatory standards are required, such as is PCI and PA DSS. Even if they are not a silver bullet, they greatly reduce both the number and average volume of credit card theft.''

Cofense Europe director David Mount

“While Binance has no doubt already begun its breach remediation process, cyber-attacks and data breaches, such as this one, are an uncomfortable topic for many organisations. Businesses across the globe have attempted to tackle threats through huge investments in next-gen technology and increased employee awareness training, but to no real avail. The problem? While organisations think they know what attacks – especially phishing attacks – look like and how to best defend against them, the reality is, threat actors are changing their tactics so quickly, businesses just can’t keep up."

Story image
Online gaming a 'hotbed' for DDoS attacks — report
The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.More
Story image
Malware variants becoming increasingly prevalent, sophisticated and evolved
"The modern threat landscape and ongoing evolution of malware are loud factors pushing every business to understand and identify modern malware threats and the necessary precautions to take to protect against them."More
Story image
Sophos Rapid Response puts out the ransomware fire
“Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."More
Story image
APAC secure content management market to hit $2.2 billion by 2024
The proliferation of cloud-based deployments will largely drive this, the report says, as the COVID-19 pandemic motivates more enterprises to move their workloads to the cloud and rely more on the internet. More
Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More
Story image
The best DDoS protection depends on the use case
On-demand, always-on and hybrid models provide different services for different needs, writes Radware product marketing manager Eyal Arazi.More