On March 7th, a Binance user named “shashankkgg” reported suspicious activity in their accounts. Another user on Reddit also complained over an unwanted sale of tokens from their account. This user wrote “Binance sold all my Altcoins at market rate” on the Reddit thread. The account claimed that Binance responded, revised transactions and a few moments later returned the user’s Bitcoin to his account. Another user commented on this Reddit post, reporting that his/her account balance dropped by 25% while the user was unaware of the sale. All these comments pointed to what is now a painful yet familiar issue within cryptocurrency markets: exchanges get hacked and people lose their funds. Nevertheless, Binance made sure the outcome this time would be different than the one we are used to.
Binance Responds to Hack
As a response, Binance, one of the top cryptocurrency exchange by trading volume, stated that the issue arises from “third-party tools.” Hackers targeted accounts which either have registered API keys, or through phishing the hackers enabled those API keys on them. Binance launched an investigation into reports of “issues with (users) funds.” Moreover, the team declared that “there is no evidence” of the exchange being compromised. Nevertheless, to deal with the attack, Binance temporarily disabled withdrawals.
Reddit Comments Summarize What Happened on Binance
One of the subreddits, r/Cryptocurrency, outlined these reports and responses as follows:
- Many people have logged in to find that all their altcoins were sold for BTC and that many users also placed buy-orders for Viacoin at a price multiple times above its regular value.
- This is only affecting users who have issued API keys on their accounts (or had those enabled by hackers through a phishing attack).
- Binance has confirmed the issue stems from the API via third-party tools and is not an issue that directly compromises the exchange. All funds are safe, because Binance intervened on time.
- Disabling those accounts either on Binance or the tool itself.
- Disabling “trade” access to the API on Binance or resetting the key.
- Disabling your API keys on any other exchange that is hooked into the same systems.
- Ensuring your 2FA is enabled, and you are using a strong and unique password.
Binance Hack Updates
At first, Binance disabled the withdrawals during its investigation and confirmed these issues affect only those accounts connected with API keys. Later, they located the irregular trades and reversed fraudulent transactions to restore all funds. Finally, Binance reversed those irregular trades before reactivating withdrawals.
Traders need not worry! All funds are Safe
Following the twitter and Reddit comments about Binance users, many traders seemed to have panicked. Also, many were worried about the possibility of a wider hack. Seeing this, the chief executive officer of Asia-based Binance, Zhao Changpeng said in a tweet on Wednesday “All funds are safe.” He wrote that “There were irregularities in trading activity, automatic alarms triggered. Some accounts may have been compromised by phishing from before. We are still investigating.”
Bitcoin Bounced Back Following Binance Activity to Thwart Hack
Later, Zhao tweeted that “We have localized the irregular trades, they will be reversed. All funds are safe, thanks to the fast alarm.” Following his reassuring statement, Bitcoin prices, which tend to slump upon news of a hack recovered somewhat. Bitcoin price looks more stable as per the data from Coinmarketcap. It seems that Binance pulled off what none of the exchanges that were hacked before could: To thwart the hack. This served to reassure the markets and Binance users.