Summary of the Phishing and Attempted Stealing Incident on Binance

no phishing.png

On Mar 7, UTC 14:58–14:59, within this 2 minute period, the VIA/BTC market experienced abnormal trading activity. Our automatic risk management system was triggered, and all withdrawals were halted immediately.

This was part of a large scale phishing and stealing attempt.

So far: All funds are safe and no funds have been stolen.

The phishers accumulated user account credentials over a long period of time. The earliest phishing attack seems to have dated back to early Jan. However it was around Feb 22, where a heavy concentration of phishing attacks were seen using unicode domains, looking very much like binance.com, with the only difference being 2 dots at the bottom of 2 characters. Many users fell for these traps and phishing attempts. After acquiring these user accounts, the phishers then simply created a trading API key for each account but took no further actions, until yesterday.

Yesterday, within the aforementioned 2 minute period, the phishers used the API keys, placed a large number of market buys on the VIA/BTC market, pushing the price high, while 31 pre-deposited accounts were there selling VIA at the top. This was an attempt to move the BTC from the phished accounts to the 31 accounts. Withdrawal requests were then attempted from these accounts immediately afterwards.

However, as withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the phishers were also frozen. Not only did the phishers fail to steal any coins, their own coins have also been withheld.

The phishers were well organized. They were patient enough to not take any immediate action, and waited for the most opportune moment to act. They also selected VIA, a coin with smaller liquidity, to maximize their own gains.

After a thorough security check by Binance, we resumed withdrawals. Trading functionality was never affected. There are still some users whose accounts where phished by these phishers and their BTC were used to buy VIA or other coins. Unfortunately, those trades did not execute against any of the phishers’ accounts as counterpart. As such, we are not in a position to reverse those trades. We again advise all traders to take special precaution to secure their account credentials.

Protecting our traders is and has always been our highest priority.

Thanks for your support!

Binance Team

2018/03/08

Sort:  

Good old rule confirmed again:
Your keys (private)- your money, no keys - not your money.

As a newb to crypto, the options for exchanges is limited due to new sign-up freezes.

Open Ledger doesn't have many assets to choose from; but, one good thing is each user has private keys, even though a simple user name is equivalent to the private key. I know all exchanges are subject to phishing risks; but, it's a bit reassuring to know the funds are a bit more secure than just setting on a public exchange.

It shall be interesting to see how the OL platform grows over time. They certainly seem to be putting a lot of work into getting it up and running competitively with the likes of Bittrex, etc.

Btw, that was a good catch by Binance.

Best regards!

Peace.

Is this official steem account of Binance? I am curious.

Yes it is and you are wise to be cautious about impersonation.

If you go to the binance.com site and look carefully at the very bottom you will see a steemit logo along with the other social logos (twitter, etc.). Click on that steemit logo and it takes you to this account.

Thanks @smooth , I just confirmed it.

This is very well handled by binance, kudos to the professionalism.

@acidyo.. Thanks a lot for resteeming! Exactly the kind of info to be passed on! Unfortunately FUD always travels faster 😑 kudos to binance for the great work!

They can set an example of professionalism to that other place.

Binance being on Steem and having Steem on their exchange is also another thing they are an example for.

You folks have to be one of the best exchanges as far a communication is concerned. So many exchanges keep their customers in the dark when there are issues. Binance is always quick with informing their customers of any issues they're having.

A friend of mine is having anxiety laughter because he doesn’t know if his 10k in bitcoin will be recovered. Mine is fine probably due to very small holdings. He’s done w/ Binance

Thanks @binanceexchange for taking timely action and rectifying the issues....Hope to see everything working normal soon!

It’s not difficult. Don’t leave coins on exchanges. Leave them in hardware wallets. Transfer to exchanges when you want to ‘exchange’ them. If you don’t control your private keys you don’t really control your coins!

Hey I just thought of something;

Have you verified this account? How do we know you're the real Binance; did you do a Twitter verification?

I know I'm paranoid, but am I paranoid enough?

Thanks.

Cg

You can find this account linked directly from the Binance homepage.

Thank you for handling the whole situation so professionally.

You guys are awesome!

thanks for updating us

Wow, I wish other companies like Coinbase or Bittrex could be half as good as communicating with their customer base. Thumbs up to you guys for being so upfront and handling the whole ordeal in a professional way!