Strange Day on Binance (And Lets Get Some Traffic for STEEM There!)

in #bitcoin7 years ago

If you are my reader you know how i fall in love with Binance since day one that ive used it. Luckily we got STEEM there now so im sure many of you use it already.

Today they are top1 exchange volume wise worldwide.

At some point during the day users started reporting that all their altcoins were spot sold.

Later on VIA pumped like crazy.

It was found out fast that some users got phished and a popular bot was possibly hacked and API keys of users accessed.

Binance freezed withdrawal and investigated.

On Mar 7, UTC 14:58-14:59, within this 2 minute period, the VIA/BTC market experienced abnormal trading activity. Our automatic risk management system was triggered, and all withdrawals were halted immediately.

This was part of a large scale phishing and stealing attempt.

So far: All funds are safe and no funds have been stolen.

The hackers accumulated user account credentials over a long period of time. The earliest phishing attack seems to have dated back to early Jan. However it was around Feb 22, where a heavy concentration of phishing attacks were seen using unicode domains, looking very much like binance.com, with the only difference being 2 dots at the bottom of 2 characters. Many users fell for these traps and phishing attempts. After acquiring these user accounts, the hacker then simply created a trading API key for each account but took no further actions, until yesterday.

Yesterday, within the aforementioned 2 minute period, the hackers used the API keys, placed a large number of market buys on the VIA/BTC market, pushing the price high, while 31 pre-deposited accounts were there selling VIA at the top. This was an attempt to move the BTC from the phished accounts to the 31 accounts. Withdrawal requests were then attempted from these accounts immediately afterwards.

However, as withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the hackers were also frozen. Not only did the hacker not steal any coins out, their own coins have also been withheld.

The hackers were well organized. They were patient enough to not take any immediate action, and waited for the most opportune moment to act. They also selected VIA, a coin with smaller liquidity, to maximize their own gains.

After a thorough security check by Binance, we resumed withdrawals. Trading functionality was never affected. There are still some users whose accounts where phished by these hackers and their BTC were used to buy VIA or other coins. Unfortunately, those trades did not execute against any of the hackers’ accounts as counterpart. As such, we are not in a position to reverse those trades. We again advise all traders to take special precaution to secure their account credentials.

tldr; Hackers got access to some accounts and a bot, then used one of lowest liquidity markets (VIA) to dump all altcoins and buy overpriced VIA of themselves. Binances filters triggered, nothing got stolen and trades were re-rolled.

VIA Markets

So guys from the exchange did a really good job stopping this "hack".

STEEM IS THERE


Come on guys get to Binanace and lets do some volume, its a top1 exchange and more investors will notice us.

Follow, Resteem and VOTE UP @kingscrown creator of http://fuk.io blog for 0day cryptocurrency news and tips!

Sort:  
There are 2 pages
Pages

Good old rule confirmed again:
Your keys (private)- your money, no keys - not your money.

Couldn't have said it better myself :)

This was created not by me. But I have heard this rule so many times. Dozens. Maybe hundreds

Good thing is they were able to stop the theft and secured peoples fund. That they speaking out the truth is good.

Let's look at the bright side of this. It appears that #Binance knew about the issue fairly quickly and took action to mitigate theft by disabling withdrawls. They also did a reasonable job communicating on #Twitter and they also got withdrawals enabled in a reasonable amount of time. This incident actually increased my confidence in the platform because it shows that they are running an organization that knows they are a target and are clearly prepared to respond to issues when they do arise. Imagine how many hack attempts they get that they are able to fend off so we never hear about them.

Agreed, they did get onto it very quickly and prefessionally

I love Binance because they are so open about what is going on with response to their site... If anyone out there trading crypto on Binance, do yourself a favor and go find them on twiiter

Great sum up! Agree, think we all need to take action to promote steem. I drive a lot of traffic from Twitter and think it's important to raise awareness on steemit!

Did an analysis on the future price of Steem here:

STEEM - Analysis - The Future For STEEM Price ($31) https://steemit.com/steem/@benkalashnikov/steem-analysis-the-future-for-steem-price-usd31

Screen Shot 2018-03-08 at 17.33.31.png

@benkalashnikov with that sort of price prediction I will be a happy man...

I am crossing my fingers and toes that it gets there next month and a $100 by the end of the year :) (This might be wishful thinking though!)

Well Then I better go try get some more while the price is so good...

Totally! I think it is a really good price. I would buy more myself right now but I invest in an index and steem is not yet included in it.

When will it get to $1000. I think then I will just retire :)

This is why you never keep your coins on an exchange. Make your trades, get your coins and get the heck outta Dodge. Invest in a hardware wallet...

And if you do get hardware wallets such as ledger nano, trezor, or keepkey....it would be wise to buy from the company itself. Not from a 3rd party.

Some strange times in crypto lol

Everyday is rollercoaster ride. I recently got into it, every week there is something. Right when you think the storm is over, something new pops up.

At least it's not boring lol I'm still learning everyday after spending 2 years in crypto. Ive recently realized that the knowledge Ive learned is more valuable than all the profits Ive made in the market.

Very strange

I think that they have a positive side too as they have informed about the issue in social sites

Exchanges are for exchanging coins. If you want to avoid being hacked and want to actually control your crypto, keep it in a hardware wallet. If you keep it on an exchange you have no control over it. It’s usibg a trusted third party and no different from keeping cash in a bank.

We need to get steem dollars listed on there too
now steem is worth more than sbd again...i liked it better when 1 sbd got you more than 1 sp

Interesting

The Binance auto risk management system may have just saved them from a huge embarrassment

If I were you guys I would move all my crypto from Binance to personal wallets as binance seems kinda shaky as of recently

It is not the Binance that is guilty for phishing attacks. But Binance is new and have not fixed all the holes in it. However, it does its job quite well by acting fast and informing public about issues right away.

Yes and they definitely should sooner rather than later or else it can cause massive problems for the space eventually

Good to know @kingscrown ! A binance hack have the potential to make me a homeless ;-) because I invested more than what I can afford to loose !

That's quite irresponsible. I wrote some advices the other day, and probably the very most important one is ... don't put more on binance than what you can afford to lose :-)

Yes. Even though it's going pretty well now and is projected to do even better in the future, absolutely nothing is guaranteed. With any investing, you should only spend what you can afford to lose if it all goes to 0. That includes crypto.

In addition to the obvious risk that the value of investments may fall, there is also the risk of accounts getting hacked, exchange getting hacked, exchange going bankrupt, etc - potentially causing all holdings on binance to disappear.

Definitely! Don't put all of your crypto eggs in one digital basket. I would suggest people HODL lots of it in secure hardware wallets and only trade with a responsible percentage of their whole portfolio, and don't use just one exchange if you can avoid it.

Surely is a great advice @tobixen ! Will give it a serious thought !

I think Binance is doing exceedingly well, I prefer them to others

I think some coins did get stolen from some users binance is being a bit disingenuous which is understandable. But this incident does show that they are very quick to respond with other exchanges this could have been a lot worse if not fatal.

"There are still some users whose accounts where phished by these hackers and their BTC were used to buy VIA or other coins. Unfortunately, those trades did not execute against any of the hackers’ accounts as counterpart. As such, we are not in a position to reverse those trades. We again advise all traders to take special precaution to secure their account credentials."

Wow. How interesting. And confidence boosting that the problem hack was caught and halted so quickly!

Great defense! Wonder what or how they go about trying to find the culprit...

Honestly, all this fud makes me want to hibernate till the fall. Binance is getting attacked obviously, decentralized exchange vs the FEC there are plenty of people who want to keep 3rd parties in control of the world economy. So thats what I see. I also see an opportunity for new investors to get in so yeah guys i agree with above lets create some steem buzz as much as we can on all the exchanges. Hold tight and buy in bulk is my plan! Much love!

thanks for the information. can be useful for all members of steemit.

I love Binance too, I just find it a little sketchy they tried to say that nothing was wrong..

important information for steemian

Congratulations @kingscrown, this post is the second most rewarded post (based on pending payouts) in the last 12 hours written by a Hero account holder (accounts that hold between 10 and 100 Mega Vests). The total number of posts by Hero account holders during this period was 411 and the total pending payments to posts in this category was $8015.37
DQmW3tZ6xCq3Qc3RZmciv2Y6mJuck4cJM7md7shbwmh1p3V_640x480.png

They did an excellent job of shutting it down with a quickness . That actually give me more confidence in them than before.

binance reaction to hackers

please upvote my account. thanks.

Binance is great. Like them better than Bittrex. Smart move on their part. Heard some rumors from credible sources about adding some new currency.

i thought it was 2FA, but they say it was the APIs fault. Anyway. tokens were on sale if you were lucky

Your post is golden sir .... i just follow your post
..so kindly follow my post thanks for sharing

I haven't checked my account yet. I really hope that i still have all of my positions. Geez I love Binance compared to other exchanges.

Congratulations, your post received 40.24% up vote form @spydo courtesy of @kingscrown! I hope, my gratitude will help you getting more visibility.
You can also earn by making delegation. Click here to delegate to @spydo and earn 95% daily reward payout! Follow this link to know more about delegation benefits.

Wow... Despite my love for Binance, i have not experienced such abnormality as i got to know it from you and started using it since that day. I beleive it is just a hitch or snag that will be rectified soonest.

You got a 45.59% upvote from @brupvoter courtesy of @kingscrown!

Phishing is way tooo easy.
I believe URLs is going to become THE weakest link.

Especially now that ICANN is run by the UN.
The trouble is IP addresses and hardware addresses have other problems.

I feel we are going to need smart browsers that lock to a smart server.
And further, need to highlight to humans, those two little dots when the phishing attempt happens.

Very nice article and important information.

Hello friend @kingscrown Binance is attacked obviously. Since the exchange disaggregated against him (FEC) since there are many people who want to keep intermediaries in control of the universal stock market.

binance absolutely new to me, thanks for providing details.

The only reason why I love Binance is because there's steem in there and the have decent mobile app. The rest, I don't know. They have weird issues to be honest.

This could have been catastrophic for some people. Good thing Binance went to the rescue .

would you please check how is this decentralized exchange and chat

Very informative, amazing.

Dude can you quote the source of this story?

Thanks a lot for the report. That sure was a slick and well-planned hacking operation! Right down to laundering the money. Just think of what would have happened if the gang had picked a popular coin to launder: it'd be more difficult, but it would also be less detectable.

It seems only a matter of time before another gang tries it. I have to grudgingly give the hackers credit for being clever enough to realize that crypto can be laundered through an exchange.

Nice to find out what really happened. When the news spread around, Bitcoin itself plummeted. Your report cleared up the mystery.


P.S.: Withdrawals are back up: at least, withdrawals in Bitcoin are. I just made one and it seems to be going through.

Binance just seems to handle every situation in a professional matter. For me, it is the best exchange by far and even tough it is never a good idea to leave large amounts of money on exchanges, with Binance at least you can have a little more piece of mind.

Also, being run in such a good way, means that other exchanges will need to follow suit in order to survive. This is why competition is good for crypto.

Congratulations @kingscrown, this post is the second most rewarded post (based on pending payouts) in the last 12 hours written by a Hero account holder (accounts that hold between 10 and 100 Mega Vests). The total number of posts by Hero account holders during this period was 411 and the total pending payments to posts in this category was $8015.37. To see the full list of highest paid posts across all accounts categories, click here.

If you do not wish to receive these messages in future, please reply stop to this comment.

Seem like binance did a good job.Good post.

Nice post @kingscrown, thanks for share this information....

Me personally, Find it to be a challenge ducking hackers when dealing with exchanges. You can loose it from hackers before even making the trade. So what can you really do when trying to make an exchange. Pray your coins make it then make what trades you want for the day then move back to wallet. I have several wallets for trading I only auto trade with my miners. This eliminates the issues, albeit time consuming since it trades in my sleep and returns my traded coins. Try using an auto trading pool to avoid having to deal with exchanges at all. Now if the mining pool gets hacked well then we have a problem. As of now it's been a better option rather than chasing the market movement.

Did Bitcoin really lose $1500 because of a Binance hack or is there more to this slide?

It is really a very strange day in the history of binance.

There are 2 pages
Pages