$40M Hack Is 'Expensive Lesson' for Cryptocurrency Exchange, CEO Says

Hackers made off with millions of dollars in bitcoins from Binance.
Image caption: Binance suffered a hack that lost $40 million in bitcoins (Image: Shutterstock)

Binance, one of the largest online exchanges for buying and selling cryptocurrencies, lost $40 million to hackers on Tuesday in what its CEO described as a “very expensive lesson.”

According to a blog post written by CEO Zhao Changpeng, the hackers used a slew of techniques including phishing and viruses to steal roughly 7,000 bitcoins from Binance’s hot wallet (a digital wallet used to handle day-to-day transactions, rather than store reserves indefinitely) in a single transaction on Tuesday. The stolen bitcoins accounted for 2 percent of Binance’s Bitcoin holdings, the blog stated.


According to the post, the hackers also made off with API keys, two-factor authentication codes, and possibly more.

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” Zhao wrote.

Withdrawals and deposits are currently suspended on the exchange. Lost funds will be covered by Binance’s Secure Asset Fund for Users (SAFU), an emergency insurance fund, according to Binance. “Binance will use the #SAFU fund to cover this incident in full. No user funds will be affected,” the exchange said.

On Twitter, Zhao wrote that Binance had discussed whether to attempt to instigate a reorganization of the Bitcoin blockchain that would redistribute the hacked coins to miners, a proposition it abandoned because it wasn’t realistic. Even if it were, Zhao said, it could damage the Bitcoin ecosystem by reducing stability and trust and by causing headaches and division.

Previously, Zhao has advocated for users to store funds with an exchange rather than on a personal device, since users would then have to “fight hackers [themselves].”

Zhao wrote in another tweet that the hackers had exposed “certain weak points in our design and user confusion” that weren’t obvious before.

“While it is a very expensive lesson for us, it is nevertheless a lesson. It was our responsibility to safeguard user funds. We should own up [to] it. We will learn and improve,” Zhao wrote.

Listen to CYBER, Motherboard’s new weekly podcast about hacking and cybersecurity.