Hackers stole $40 million from a major Bitcoin exchange

Binance users won't lose any money thanks to an emergency insurance fund.

Sponsored Links

Darrin Zammit Lupi / Reuters
Darrin Zammit Lupi / Reuters

Binance, one of the world's largest cryptocurrency exchanges, announced that it lost $40 million (7,000 Bitcoins) in a "large scale security breach." The company said that hackers accessed a hot wallet that contained about two percent of its total BTC holdings. They used phishing and viruses to obtain user data and managed to bypass security checks, preventing Binance from blocking the transaction. The company said that "no user funds will be affected," as has an emergency fund that will cover the incident "in full."

"The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time," wrote Binance CEO Zhao Changpeng in a statement. "We must conduct a thorough security review. The security review will include all parts of our systems and data."

Binance was unable to block the transaction, but it triggered an alarm and the company shut down all deposits and withdrawals. While trading can continue, all transactions will reportedly take a week to complete. "Deposits and withdrawals will need to remain suspended during this period of time. We beg for your understanding in this difficult situation," the exchange wrote. "We will continue to enable trading, so that you may adjust your positions if you wish. Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime."

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

Cryptocurrency exchanges have a sordid history, with hacking and theft rampant. One of the messiest sagas occurred recently with Canada's QuadrigaCX exchange. Co-founder and CEO Gerald Cotten passed away in December 2018, and it turned out he was the only one who could access the company funds, leaving creditors high and dry. Last year, Coincheck lost $400 million worth of cryptocurrency in a hack and BitfinX lost $64 million in 2016. Perhaps the most famous, which helped kick off this trend, was the hack that brought down Mt. Gox in 2014.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Popular on Engadget