UPDATED: Binance 'Hack' Transactions Reversed, Trading Reinstated

Binance Suspends withdrawals

Share this article

Binance, the world’s largest crypto exchange, temporarily froze withdrawals today after a suspected API hack sold off customer coins to buy a previously little-known coin, VIA, at a massively-inflated price.

UPDATE: Binance has posted an explanation of the phishing attack, noting that it was carefully premeditated and preceded the execution of the trades by several weeks. As noted in our article on scams, a hard-to-detect method of redirecting unwitting users to a malicious website was traced as the culprit. Binance says that all funds have been returned, and all trading is restored.


UPDATE: “All deposit, trading and withdrawal are resumed.” Note that Changpeng Zhao refers to ‘hackers’ in this statement from his Twitter account.

https://twitter.com/cz_binance/status/971520303812698112

UPDATE: ‘irregular’ trades will be reversed, says CEO of Binance.

https://twitter.com/cz_binance/status/971476396278099969

UPDATE: Changpeng Zhao, CEO of Binance, says “all funds are safe”.

https://twitter.com/cz_binance/status/971454040704872448

Via’s current market cap is under $80M, but trading in the coin exceeded $185M in the 24 hours including the suspected attack. Although Viacoin published a Medium update today, nothing in the article would seem to explain such a dramatic escalation in the VIA price. On Binance, the price soared from ~0.00025 BTC to ~0.018 BTC at one point, an increase of ~7,500%. While exact figures vary according to the source, Blockfolio reported a high of $243.73 and a low of $2.19 for the trading day.

An estimated $46M may have been traded in one minute during the suspected breach.

While details are thin, both the official Binance Telegram group (English) and the Reddit sub posted messages from an admin named “Symbiotic_BNB” that said:

“We are investigating reports of some users having issues with their funds. Our team is aware and investigating the issue as we speak. Please remain patient and we will provide an update as quickly as possible.”

Binance pinned statement reddit

The most recent update available says:

Binance update 2 on Reddit

“We are investigating reports of some users having issues with their funds. Our team is aware and investigating the issue as we speak.

As of this moment, the only confirmed victims have registered API keys (to use with trading bots or otherwise). There is no evidence of the Binance platform being compromised.

Please remain patient and we will provide an update as quickly as possible.

Edit: Withdrawals are temporarily disabled at this time.”

Meanwhile, a reliable source who wished to remain anonymous told Crypto Briefing that a trading bot was to blame; the source described “a bot that some were using to trade automatically maliciously traded all alts into BTC and then bought VIA. If you weren’t using the BOT you are not affected.”

Crypto Briefing team members were able to confirm with third parties that Binance withdrawals in several prominent coins were unavailable.

Speculation has centred on an API breach, as many of the reports of unauthorized sales are from commentators who had an API enabled (even if trading through the API was disabled).

There are no indications of a 2-factor attack or a compromised app at this time.

A flash crash in Bitcoin and almost all altcoins seemed to coincide with the appearance of the breach. As of the time of publication, most of the top 50 coins were down 10% over the past 24 hours.

The mod team on Reddit is a disparate group of active Redditors, and persons or accounts with low karma. The Symbiotic_BNB account is only one month old.

This article will be updated as more details emerge.

Image below: VIA / BTC on Binance today.

Binance BTC VIA Chart 3.7.18

Image below: VIA / BTC on Bittrex today.

BTC VIA Binance

Share this article

Loading...