Crypto Exchange Binance Says It’s Revamping Security in Post-Hack Update

CZ-Binance-2
10 May 2019

Cryptocurrency exchange Binance said it is revamping security measures after losing some 7,000 bitcoin worth over $40 million in a hack earlier this week.

“Significant” changes related to its application programming interface (API), two-factor authentication (2FA) and withdrawal validation are being made, Binance CEO Changpeng Zhao said in a blog post published on Friday.

The exchange did not disclose more details regarding these efforts, but said it is also improving its risk management and know-your-customer procedures to fight phishing, among other additional security measures at the back-end.

Binance will take action of some of the measures within this week and in the coming weeks in order to resume services at the earliest, according to the post. Zhao said tentatively, the exchange is looking to resume withdrawals and deposits “early next week.”

Binance will also be adding support for hardware-based 2FA devices such as YubiKey “very soon,” the CEO further said, adding that 1,000 YubiKeys will also be given away once the feature is live.

Binance first announced it had lost 7,000 bitcoin on Tuesday, saying hackers had gained access to user API keys and two-factor authentication codes, allowing them to withdraw bitcoin from one of the exchange’s hot wallets.

Immediately after discovering the breach, withdrawals and deposits were suspended, while trading was not affected. Binance said it would cover the loss for all impacted customers using its own emergency fund.

As of Wednesday, 2,500 of the stolen bitcoin had been shifted around and broken up into small amounts, a move that may be designed to obscure if and when the hacker decides to cash them out.

CZ image courtesy Binance