Hackers Steal 7000 BTC from Binance in Biggest Attack of 2019
- Victims will be compensated from the exchange's SAFU fund.

Binance has become the victim of a “large scale” cyber attack that resulted in the theft of 7000 Bitcoins worth around $40.8 million.
The exchange publically reported the security breach on Tuesday and explained that the hackers somehow obtained “a large number of user API keys, 2FA codes, and potentially other info” to carry out the attack.
“The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet,” the exchange noted.
The exchange ensured that funds stored in its hot wallets were only compromised, which consists of around two percent of the exchange’s total holdings.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” Binance explained.
Too many coincidences?
The report of the breach came hours after unscheduled server maintenance by the exchange. While communicating about the maintenance activity, Changpeng “CZ” Zhao, founder and CEO of Binance, specifically mentioned that all “funds are #safu” which now created a stir in the community.
Have to perform some unscheduled server maintenance that will impact deposits and withdrawals for a couple hours. No need to FUD. Funds are #safu.
— CZ Binance (@cz_binance) May 7, 2019
This also overlapped with a scheduled ask-me-anything (AMA) session by Zhao, which he did not cancel despite to the sudden crisis.
Answering to a question related to this recent breach, Zhao hinted that the exchange is considering to roll back the transaction data related to the theft of Bitcoins.
“To be honest, we can actually do this probably within the next a few days. But there’re concerns that if we do a rollback on the Bitcoin network at that scale, it may have some negative consequences, in terms of destroying the credibility for bitcoin,” Zhao stated.
This, however, was not welcomed by a major section of the Bitcoin community.
Dear @cz_binance please stop considering an attack on the bitcoin Blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Read this Term to fix your mistakes. We don't do rolbacks here. Perhaps consider adding an option to your platform for users to designate their funds for 100% Cold Storage Cold Storage Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Read this Term with manual withdrawal review.
— WidespreadBTC (@WidespreadBTC) May 8, 2019
“The team is still deciding that, and we are running through the numbers and checking everything,” Zhao added. “It’s interesting that it’s a tech solution [suggested] to us by the community, including some of the core members of the bitcoin development team. We will consider that very, very carefully, with the feedback we are receiving.”
Compensating the victims
Binance was quick enough to ensure that it will fully compensate all the victims from its Secure Asset Fund for Users (SAFU).
Thanks for the support, really appreciate it. But currently no need. We will cover the loss from the #SAFU fund, there is enough. We are hurt, but not broke.
We are working hard to resolve the issue, so that everyone can deposit and withdrawal again. Will take some time. https://t.co/0j4J0fk99W — CZ Binance (@cz_binance) May 8, 2019
In addition, other crypto exchanges are also diving in to support the affected exchange by blacklisting the addresses to which the stolen funds were transferred as we have seen in the past that hackers immediately head to fiat-based exchanges to cash out the digital currencies.
Also thanks to @coinbase and many other exchanges (again, can't list everyone) pledging to block deposits from those addresses. Much appreciated!
Also much appreciate the "unitedness" of our industry to fight hackers and fraud. — CZ Binance (@cz_binance) May 8, 2019
Though exchanges like Cryptopia and Bithumb were attacked earlier this year, Binance’s breach is the largest crypto heist in 2019. Moreover, Binance being one of the largest digital asset exchange on the globe also raised questions on the security measures taken by crypto exchanges.
Binance has become the victim of a “large scale” cyber attack that resulted in the theft of 7000 Bitcoins worth around $40.8 million.
The exchange publically reported the security breach on Tuesday and explained that the hackers somehow obtained “a large number of user API keys, 2FA codes, and potentially other info” to carry out the attack.
“The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. There may also be additional affected accounts that have not been identified yet,” the exchange noted.
The exchange ensured that funds stored in its hot wallets were only compromised, which consists of around two percent of the exchange’s total holdings.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks,” Binance explained.
Too many coincidences?
The report of the breach came hours after unscheduled server maintenance by the exchange. While communicating about the maintenance activity, Changpeng “CZ” Zhao, founder and CEO of Binance, specifically mentioned that all “funds are #safu” which now created a stir in the community.
Have to perform some unscheduled server maintenance that will impact deposits and withdrawals for a couple hours. No need to FUD. Funds are #safu.
— CZ Binance (@cz_binance) May 7, 2019
This also overlapped with a scheduled ask-me-anything (AMA) session by Zhao, which he did not cancel despite to the sudden crisis.
Answering to a question related to this recent breach, Zhao hinted that the exchange is considering to roll back the transaction data related to the theft of Bitcoins.
“To be honest, we can actually do this probably within the next a few days. But there’re concerns that if we do a rollback on the Bitcoin network at that scale, it may have some negative consequences, in terms of destroying the credibility for bitcoin,” Zhao stated.
This, however, was not welcomed by a major section of the Bitcoin community.
Dear @cz_binance please stop considering an attack on the bitcoin Blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamper with. The Evolution of BlockchainBlockchain was originally invented by an individual or group of people under the name of Satoshi Nakamoto in 2008. The purpose of blockchain was originally to serve as the public transaction ledger of Bitcoin, the world’s first cryptocurrency.In particular, bundles of transaction data, called “blocks”, are added to the ledger in a chronological fashion, forming a “chain.” These blocks include things like date, time, dollar amount, and (in some cases) the public addresses of the sender and the receiver.The computers responsible for upholding a blockchain network are called “nodes.” These nodes carry out the duties necessary to confirm the transactions and add them to the ledger. In exchange for their work, the nodes receive rewards in the form of crypto tokens.By storing data via a peer-to-peer network (P2P), blockchain controls for a wide range of risks that are traditionally inherent with data being held centrally.Of note, P2P blockchain networks lack centralized points of vulnerability. Consequently, hackers cannot exploit these networks via normalized means nor does the network possess a central failure point.In order to hack or alter a blockchain’s ledger, more than half of the nodes must be compromised. Looking ahead, blockchain technology is an area of extensive research across multiple industries, including financial services and payments, among others. Read this Term to fix your mistakes. We don't do rolbacks here. Perhaps consider adding an option to your platform for users to designate their funds for 100% Cold Storage Cold Storage Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Cold storage is a computer system or mode of operation that is designed for the retention of inactive data, in this case private keys for cryptocurrencies. This helps put up resilient barriers against theft by hackers and malware, and is often a necessary security protocol especially dealing with large amounts of Bitcoin.In order to “own” a cryptocurrency, one must be in control of a cryptocurrency’s private keys. As such, private keys are long strings of random characters that can be used to send cryptocoins.Benefits of Cold StorageMany cryptocurrency experts recommend that you don’t keep your coins on an exchange at all rather, keeping them in a cold wallet of your own. Overall, cold storage helps control for a number of threats such as theft.This includes signing transactions with private keys in an offline environment. However, transactions initiated online are temporarily transferred to an offline wallet kept on a device such as a USB, CD, hard drive, paper, or offline computer. This itself creates risks that must be accounted for.These private keys can be stored in several different ways. By extension, when they are stored inside of a device that is connected to the internet, they are said to be in a hot wallet.When they are stored in a device (i.e. a hardware wallet) that is not connected to the internet, or on a piece of paper (a paper wallet), they are said to be in cold storage.Because cryptocurrencies that are kept in cold storage do not have an active connection with the internet, cold storage is considered to be a much safer method of keeping coins secure. After all, you can’t hack into a piece of paper.When searching for a cryptocurrency exchange, it is imperative to make sure that the exchanges you use keep their cryptocurrencies in cold storage. This vastly reduces the risk of losing the funds that you keep on an exchange to a hacker. Read this Term with manual withdrawal review.
— WidespreadBTC (@WidespreadBTC) May 8, 2019
“The team is still deciding that, and we are running through the numbers and checking everything,” Zhao added. “It’s interesting that it’s a tech solution [suggested] to us by the community, including some of the core members of the bitcoin development team. We will consider that very, very carefully, with the feedback we are receiving.”
Compensating the victims
Binance was quick enough to ensure that it will fully compensate all the victims from its Secure Asset Fund for Users (SAFU).
Thanks for the support, really appreciate it. But currently no need. We will cover the loss from the #SAFU fund, there is enough. We are hurt, but not broke.
We are working hard to resolve the issue, so that everyone can deposit and withdrawal again. Will take some time. https://t.co/0j4J0fk99W — CZ Binance (@cz_binance) May 8, 2019
In addition, other crypto exchanges are also diving in to support the affected exchange by blacklisting the addresses to which the stolen funds were transferred as we have seen in the past that hackers immediately head to fiat-based exchanges to cash out the digital currencies.
Also thanks to @coinbase and many other exchanges (again, can't list everyone) pledging to block deposits from those addresses. Much appreciated!
Also much appreciate the "unitedness" of our industry to fight hackers and fraud. — CZ Binance (@cz_binance) May 8, 2019
Though exchanges like Cryptopia and Bithumb were attacked earlier this year, Binance’s breach is the largest crypto heist in 2019. Moreover, Binance being one of the largest digital asset exchange on the globe also raised questions on the security measures taken by crypto exchanges.