Man, what a scare! Rumors spread last night that Binance, one of the largest cryptocurrency exchanges around, had been hacked. But that was not the case, and it actually turned out to be a theft attempt.
Binance CEO Changpeng Zhao, a remarkably active presence on Twitter, tweeted Wednesday that it was merely irregularities in trading activity that set off alarms. All user funds were safe, and that it was actually a phishing attack and not a hack.
All funds are safe. There were irregularities in trading activity, automatic alarms triggered. Some accounts may have been compromised by phishing from before. We are still investigating. All funds are safe.
— CZ (not giving crypto away) (@cz_binance) March 7, 2018
The exchange revealed more details early on Thursday that it was a well-organized attempt by hackers to manipulate the market and steal the digital coins users had on the exchange. In fact, the cybercriminals actually lost some funds as a result as their own coins had been withheld.
They had launched a phishing scheme in early January where they purchased domains names that closed resembled binance.com. Several users fell for these traps and phishing attempts.
The hackers gained access to trading API keys of these users, wrote computer programs to trade on the exchange and then went silent, waiting for the right moment.
That moment came Wednesday evening, at around 3PM GMT.
The hackers used the API keys to place a large number of buy orders for Viacoin — a relatively unknown digital currency with small liquidity. This saw a price surge for this coin, where it increased 143% in 30 minutes, going from $2.80 before the hack to $6.79.
As the price spiked, the hackers sold Viacoin for Bitcoin, using 31 accounts that they had preloaded. With the trades completed, they immediately initiated withdrawal requests.
This unusual activity is what triggered the automatic risk management system that Binance has in place, and it blocked the hackers from transferring the Bitcoin.
Anyway, all irregular trades were reversed a few hours later after Binance thwarted the hackers.
The hacking attempt came just a month after Binance experienced an unexpected and lengthy system outage, which also ignited hacking concerns. However, that technical glitch was soon repaired, but not after the third largest crypto exchange in the world had stopped trading activity for more than a day.
Nevertheless, this episode does confirm that Binance has some solid protection in place.