Binance, one of the top five cryptocurrency exchanges in the world, has reported that the company faced a huge security breach which allowed the hackers steal 7,000 Bitcoins, worth almost $41 million.
Binance, which provides a platform for trading over 100 cryptocurrencies, disclosed the information about the data breach on its official blog and social media platforms, besides explaining that the hackers used various techniques such as phishing, viruses and other attacks to gain access to a large number of user API keys, 2FA codes among others.
The cybercriminals carried out 7,074 BTC transactions from Binance's main "hot wallet" to several smaller accounts that triggered all sorts of alarm at the cryptocurrency exchange. But, for the Shanghai-based company, the warning came so late that they could not do anything to stop the transaction process.
"It impacted our BTC hot wallet only (which contained about 2% of our total BTC holdings). All of our other wallets are secure and unharmed," Binance stated.
As soon as the company detected the cybersecurity breach, the admins at Binance froze the deposits, withdrawals and put the site under maintenance mode pending investigation into the attack which resulted in a loss of huge amount of money.
While explaining how the hackers took control of the cryptocurrency exchange, it said: "The hackers had the patience to wait and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks."
However, the company has decided to run a security audit in a week's time to track down the hackers. Binance also assured its users that they won't be losing any bitcoin from personal accounts as the company plans to use its Secure Asset Fund for Users (SAFU), which was created to offset such situations of hacking attempts.
On Twitter, Changpeng Zhao, founder and CEO of Binance not only responded to the queries and mentioned that the cryptocurrency exchange has decided "NOT to pursue the re-org approach."