Binance Still Down, Refutes the Accusations About Hack

Cryptoexchange Binance still down, but disproves alleged hack with wallet addresses
09 February 2018   887

Today we've already reported that one of the largest cryptocurrency exchanges Binance was down for the maintenance and should have been up and running at 2 PM (UTC). The rumors were already abundant about hack, and that the prolonged downtime was just an effort at covering up a security breach.

During all this time Binance support and CEO Changpeng Zhao tried to calm customers with updates practically every two hours. Databases don't sync instantly, and the approximate data volume is staggering, so no wonder that it takes longer then expected. But the panic was still spreading, and even the notorious John McAfee accused Binance and its CEO of trying to cover up some security breach. In his Twitter post he alluded to some “sources” which gave him information about Binance being really hacked. Of course, he said that he wasn't trying to “spread the FUD”, but in turn, Changpeng Zhao called him out on it with reply, that they will prove him wrong.

And oh, they did. Blockchain is an open ledger for a reason, and having the address everyone can check the account balance and transactions. Also, according to Zhao, the released addresses are just a hot wallets with a fraction of real holdings. At the moment of publication, their Bitcoin and Etherium wallets account for $263 million and $153 million respectfully. They even went as far as to transfer 30 000 BTC from one of their cold storage accounts to a hot one just to prove that they have on hand a lot more, than initial 2000 BTC.

All in all, Binance, while suffering heavy technical problems, still manages to keep a good face. And right now support says, that everything should be online and fully functional by 4 AM (UTC) on February 9.

Binance Unveiled Hack Investigation News

Exchange's team believes that attack could came from Eastern Europe
19 March 2018   143

The Binance Exchange, which announced the award for information on the recent hack attack, reported on the first results of its investigation.

Hackers receivedan access to API keys from user accounts due to a large-scale phishing attack and used them to manipulate the market. According to Binance, a group of intruders stands behind this attack, although the likelihood that it could hold one person, is also not excluded.

Binance provides a list of addresses on which copies of the exchanges that were used during the phishing attack were posted. It is curious that among them there are not only copies of Binance, but also Bitstamp, Bittrex, Coinone, Etherdelta, Gemini, HitBTC, Poloniex, as well as some other exchanges and crypto-currency services.

Most of the domains are registered for 2 names: Sergey Kireev and Victoria Belinskaya. One of these registrars can also be associated with the creation of phishing copies of the Bittrex exchange in August 2017.

The IP address used to create the API keys (, according to the exchange's information, refers to Lipetsk, Russia. Binance admits that hackers could use a VPN or other service to hide the real location, while noting that with a high degree of confidence it can be argued that the attack was from Eastern Europe.

The company also identified several suspicious transactions of Viacoin, which took place 1-2 hours before the incident. A total of 31 suspicious transactions were identified for a total of 4,000 VIAs. All of them were committed within 200 blocks.