I’m not sure if calling this a hack is appropriate or even correct, which is why I have gone with a factual episode title.
What upsets me is this kind of thing:
The problem is that people respond do it, creating an incentive for content creators to do it. So I can’t really blame the creators.
While it feels inauthentic for me to do this kind of thing, I’ll admit that sometimes I do it because I feel like I have to.
So please make a stand for my approach to crypto content creation by clicking here and pledging support as a patron.
In the official announcement from Binance they say:
“Hackers were able to obtain a large number of user API keys, 2FA codes, and potentially other info. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet.”
We won’t know the full story until they complete the security audit, however right now this sounds like another case of the individual users having their access credentials stolen rather than the security of the Binance system being broken.
If I have poor security on my laptop and a hacker is able to get a hold of my Binance login details, they can simply walk right through the front door, take my money and walk out.
To the Binance computer system that looks like a perfectly legitimate action because it passed all the authentication checks.
In that scenario it’s not a failure of Binance’s system but of the individual user.
Again, I’ll stress that we need the results of the full security audit before coming to any hard conclusions, but if I’m right about this being the result of poor user security than Binance isn’t really to blame.
Yes, they do have security systems that monitor the exchange for suspicious activity, and they have intercepted potential thefts in the past that were the result of poor security on the users end but my question is how far do we expect Binance to extend their sense of responsibility?
It has to end somewhere otherwise their liability is unlimited, and that is untenable.
7,000 BTC was removed from Binance hot wallets worth around $40m. They say that they only keep 2% of their BTC in the hot wallet anyway.
Deposits and withdrawals on Binance have been suspended for up to a week while they complete a detailed security audit.
If you are wondering if you’re going to lose any money the answer is no because Binance have their own insurance fund set aside to cover things like this. That should keep the regulators off their back.
Rolling Back The Blockchain???
Binance CEO Chanpang Zhao (CZ) said that in response to the theft the community suggested rolling back the Bitcoin blockchain, something CZ said “I didn’t even know we could do”.
Well that’s because you can’t do that without completely destroying confidence in Bitcoin.
Plus you would have to get a cabal of miners with enough hashing power to effectively 51% attack the network and reverse all transactions that happened after the hackers moved the Bitcoin from Binance.
That would cause a level of chaos that I think could potentially kill Bitcoin, so that simply can’t happen. I’m with Mati Greenspan on this one, I don’t even see how CZ took that suggestion seriously.
Confidence in the Bitcoin blockchain comes from it’s absolute immutability, and if that is violated, I consider that an attack on the network and an attempt to defraud users.
If we start bailing out private companies in the crypto space at the expense of innocent users then we are right back in the fiat economy that we came to crypto to get away from.
Around the same time that this Binance announcement came out, Bitcoin dropped 4% in the following 2 hour period.
Binance coin trading against USD dropped 10.5% during the same time period.
While that happened around the same time by the clock, that’s not hard proof that one thing caused the other, I’m just making that observation.
In any case Binance coin is already back up from the low that it hit of $19.50. Bitcoin has also recovered somewhat, up from the low it hit of $5,656 on Coinbase.
The Solution To These Thefts
I would say that the ultimate solution to problems like this theft are decentralised exchanges.
If you go to https://www.binance.org you can play around with the DEX that Binance has launched and continues to develop.
As long as you interact with the Binance DEX from your Ledger hardware wallet, there is no risk of this kind of theft happening, even if you have terrible security on your local computer.
In any case stay tuned to The Cryptoverse and I will bring you more details as they are revealed.
Let me know what you think in the comments or on Twitter.