Ad
News
Security update from Binance CEO, following $40 million exchange hack Security update from Binance CEO, following $40 million exchange hack
🚨 This article is 6 years old...

Security update from Binance CEO, following $40 million exchange hack

Security update from Binance CEO, following $40 million exchange hack

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

Changpeng Zhao (“CZ”), the CEO of Binance, the world’s largest crypto exchange in terms of adjusted trading volume, has published a blog post in which he apologized for previously suggesting a chain reorg of the Bitcoin (BTC) blockchain.

Following a large-scale security breach of Binance on May 7th, 2019, which resulted in a loss of over $40 million in Bitcoin, CZ acknowledged that the “situation is tough” for the crypto community. He also noted that Binance’s management strives to “maintain the highest degree of transparency.”

Hackers Watching Every Move We Make

However, CZ pointed out that the hackers are most likely keeping a close eye on everything the exchange’s management is saying and doing, including “reading every word” posted by the crypto firm and watching every AMA session hosted by Binance.

World’s Biggest Crypto Exchange Binance Reports 7,000 Bitcoin Hack
Related: World’s Biggest Crypto Exchange Binance Reports 7,000 Bitcoin Hack

According to CZ, “sharing too many security details” could potentially weaken the exchange’s security response strategy. He explained that Binance’s developers are currently revamping some of the exchange’s standard “security measures, procedures, and practices.”

The Binance founder also clarified that the exchange’s management intends to resume deposits and withdrawals “as soon as possible” and that several important changes to the platform’s operating procedures will be completed “within the window of this week.” Additionally, Binance’s team will work on making various other changes to the crypto trading platform’s standard operating procedures in the coming weeks.

Working To Improve Risk Management, Performing User Behavior Analysis

In the security update blog, CZ stated:

“We are making significant changes to the API, [two-factor authentication] 2FA, and withdrawal validation areas, which was an area exploited by hackers during this incident. We are improving our risk management, user behavior analysis, and [know-your-customer] KYC procedures.”

CZ further noted that Binance’s team is working on “more innovative ways to fight phishing” and it is also implementing several new security measures. Some of these changes, CZ said, will not be noticeable to users on the front end.

Adding Support For Security Hardware Devices

In the coming weeks, Binance’s team will be adding support for security-related hardware devices, including YubiKey, a hardware authentication device that “supports one-time passwords, public-key encryption and authentication, and the Universal 2nd Factor and FIDO2 protocols developed by the FIDO Alliance.”

Notably, Binance will conduct an event “very soon” in which it will give away 1,000 YubiKeys as soon as the feature is integrated on the crypto trading platform.

Working With A Dozen Industry-Leading Security Experts

Assessing the damages from the hack, CZ wrote that “impact-wise, the single BTC transaction of about 7000 BTC is the only transaction in which funds were stolen, and it’s quite simple to verify this on the blockchain.”

Related: Binance faces criticism for considering rollback of the Bitcoin blockchain

CZ added that there are many community experts who are closely monitoring every Binance wallet. He also mentioned that Binance’s security team is investigating “all other areas of the system,” in order to ensure that all vulnerabilities on the exchange platform are identified and addressed.

Per the Binance CEO, the exchange is presently working with “a dozen or so industry-leading security expert teams” to help improve the trading platform’s security. He also revealed that blockchain analytics firms are “actively helping” the exchange operator in tracking down the stolen cryptocurrency.

This Incident Will Make Us “Stronger In The Long Run”

After suffering one of the most damaging security breaches of this year, CZ said:

“Mentally, the Binance team is not sad or depressed; on the contrary, we are in fighting mode. This event has further united an already tight team … We will continue to fight for all of us, the community, against hackers and people with ill intentions. I believe this incident, while damaging us now, will actually make us far stronger and more secure in the long run.”

The Binance CEO added:

“Given how much I talk, I sometimes say the wrong stuff, dirty words like “reorg”, for which I apologize. It is my strong view that our constant and transparent communication is what sets us apart from the ‘old way of doing things,’ even and especially in tough times.”

Mentioned in this article
Posted In: , Exchanges, Hacks, KYC