Several days ago, Binance, the world’s largest crypto exchange by market cap, experienced a security breach which resulted in a theft of 7,000 BTC ($44 million). The exchange reacted by stopping all deposits and withdrawals in order to assess the situation and find the security flaw. Now, however, the exchange’s CEO, Changpeng Zhao, released additional details regarding the hack.
According to CZ, the company has reacted swiftly, with a goal of revamping its security measures. He claims that its security team is making progress and that all security procedures and practices are getting upgraded to prevent such incidents in the future. He also noted that deposits and withdrawals would return as soon as possible, likely already starting next week, which supports his earlier prediction.
Further, Zhao noted that Binance plans to cooperate with numerous blockchain analytics firms, as well as with other major exchanges in order to track the movement of stolen coins. Should any of the stolen funds land on one of the major exchanges — they will be frozen instantly.
Tracking down the coins
Of course, tracking cryptocurrencies is not the easiest task. Even so, Binance seems determined to do it, and for that purpose, the exchange partnered up with three different blockchain analytics companies, which is more than any other major exchange out there.
Security first. Fighting hackers / scammers / fraudsters is not easy. https://t.co/Bm0FVXt98x
— CZ Binance (@cz_binance) May 2, 2019
There are multiple blockchain analytics firms, such as CipherTrace and Elliptic, which use public blockchain networks of various coins, including Bitcoin, to monitor transactions and take note of any suspicious activity. Their primary goal is to track the funds believed to be used for criminal activity. In other words, if hackers try to send stolen coins to some crypto exchange and attempt to cash out — these companies will find it. They can then warn the exchanges, which can freeze their accounts. From there on, it might be possible to retrieve the stolen coins.
According to CZ, Binance is also working with a dozen of other security teams in order to track down the attackers. He mentioned that these are all industry-leading teams, consisting of professionals, which can help improve the exchange’s security. And, as mentioned, a lot of other exchanges joined the search for the stolen coins, thus making one of the first exchange alliances.
There were already reports that the 7,000 BTC that were stolen from Binance is on the move, and are being managed by seven different wallets. London-based blockchain analytics company known as Coinfirm stated that it would not be possible to reveal the hackers’ identities unless they try to cash out. Meanwhile, Binance continues to spread its team of coin hunters, with even John McAfee offering his support and assistance.
If I am able to help, then please expect little or no public information releases, at least from me. The first rule of a cyber investigation is silence. pic.twitter.com/k3kXvCCCEn
— John McAfee (@officialmcafee) May 8, 2019
As for Binance’s loss, for now, the company plans to cover it using corporate funds, primarily SAFU (Secure Asset Fund for Users). This is an insurance fund that the firm created in 2018.
Improving the defenses
The main question now is how Binance will handle its security, following the hack? Will it become safer, or will others get encouraged to try and attack the exchange?
Naturally, the hack has brought a negative effect on the otherwise flawless performance, and CZ himself believes that it might reflect negatively on the industry, at least in short-term. However, he also stated that this would, in fact, strengthen the exchange in the long-term.
While the incident will help Binance become better aware of its own weaknesses — it might also alarm other exchanges, and make them question their own security. The exchanges should also have a plan of action ready in case the breach does happen, although the main goal is not to allow it to be possible in the first place.