x
--d : --h : --m : --s
Get tickets

Binance Hacked for $40M, CEO Backpedals on Recoup Via Block Reorganization

by

        Binance Hacked for $40M, CEO Backpedals on Blockchain Reorganization Idea
Binance Hacked for $40M, CEO Backpedals on Blockchain Reorganization Idea

Chinese crypto exchange Binance suffered a major hack on Tuesday, which the company’s CEO responded to by proposing a rollback of the Bitcoin blockchain to rectify — a suggestion that riled up the community.

The company formally notified the public via an announcement on the evening of May 7, 2019, claiming that the hackers had employed a diverse range of tactics from outright viruses to social engineering techniques such as phishing scams. In addition to gaining access to other sensitive information, Binance also admitted that a single transaction sapped 7,000 bitcoins from Binance’s wallet, roughly 2 percent of the company’s entire BTC holdings.

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” the announcement reads.

Binance will use reserves from its Secure Assets Fund for Users (SAFU fund) to compensate clients, noting “[n]o user funds will be affected.” Trading is continuing uninhibited, but Binance has suspended deposits and withdrawals for the time being.

Later that same evening, Binance CEO Changpeng Zhao insinuated that he was considering a scheme proposed by Bitcoin Core contributor Jeremey Rubin to reorganize the Bitcoin blockchain to rewrite the hack. Ultimately, he backpedaled from this idea after deliberating with or industry leaders like Bitmain’s Jihan Wu, saying that such a move “may damage credibility of BTC” and/or “cause a split in both the bitcoin network and community.”

Such a rollback scheme would be an incredibly ambitious undertaking. The most feasible plan would entail Binance sending its own 7,000 BTC transaction from the hacked address to another one that it owns with a hefty fee. With a substantial enough fee, miners would be incentivized to let Binance spend the 7,000 BTC it does have, reorganizing the blockchain’s transaction history to include this transaction in the ledger (miners would need a large fee to justify nullifying the block rewards they received since the hack). In this double-spend scenario, miners would forge an alternate chain, though this chain split would resolve itself once the chain became longer than the old one and all nodes accepted it.

Nevertheless, such a plan could have serious repercussions for the crypto asset space. Such a reorganization could shake user confidence in bitcoin’s immutability, possibly having an adverse effect on the price and reducing miners’ incentive to participate in the scheme. Participating in the rollback, after all, also contains opportunity costs. Zhao went back onto Twitter on the morning of May 8 to reiterate that the idea had some possible applications but, overall, was not worth the risks and would not be considered any further. Other critics of the proposal mentioned that, alongside being potentially hazardous to the network's reputation, such a move is technically difficult and extremely unlikely.

Recommended

Crypto Hacks Are on Track to Eclipse $1 Billion in Lost Funds This Year

Crypto security and intelligence firm CipherTrace has published its Q1 2019 Cryptocurrency Anti-Money Laundering Report, revealing that exchange platforms all over the world have lost nearly $400 million as a result of hacks and thefts.

Jimmy Aki

Percentage of CoinJoin Bitcoin Transactions Triples Over Past Year

According to a study released by Longhash, the relative usage of CoinJoin out of all bitcoin transactions has tripled in one year, currently sitting at 4.09 percent.

Landon Manning

New Cryptojacking Campaign Infects Asia Using More Profitable Tactics

According to a report by cybersecurity analytics firm Symantec, cryptojacking incidents have plummeted but the method of delivery, the execution and the targeting schemes have grown more sophisticated.

Colin Harper

Version 1.1.4 Gives Wasabi Wallet a Boost in Privacy, Security and UX

Wasabi Wallet has released version 1.1.4 of its privacy-focused wallet and the latest upgrade comes with security-bolstering features, improved performance and some interesting new features.

Colin Harper