Cryptocurrency was built as a medium of exchange for financial transactions online, and it's been marketed as safe and secure. Throughout the years, however, cryptocurrency sites such as Bitcoin has been breached by black hat hackers.
Binance, one of the world's largest cryptocurrency exchange, announced on Tuesday that hackers stole more than $40 million worth of bitcoin from customers in a "large-scale security breach."
The Taiwan-based company's chief executive officer Changpeng Zhao said in a statement that hackers stole 7,000 bitcoins, with 1 bitcoin equals to $6,000, in just one swooping transaction. Withdrawals on the platform have been suspended, but trading is still allowed.
Since there is no other way to retrieve the stolen bitcoin, this poses a question: is cryptocurrency safe at all?
Binance Hack: $40 Million Worth Of Bitcoin Stolen By Hackers
The hack targeted the company's "hot wallet" as opposed to its "cold wallet." The difference between the two is that a hot wallet is a digital storage that's connected online and is used for liquidity, while a cold wallet is bitcoin stored offline. The good news is that Binance keeps only 2 percent of its bitcoin on the hot wallet. Otherwise, the hackers would have stolen more.
Zhang said the hackers were able to employ various methods to complete their heist, such as phishing, viruses, and other attacks. Aside from the $40 million worth of bitcoin stolen, hackers managed to steal user information such as two-factor authentication codes, which are required to log in to accounts.
What's more, hackers executed well-orchestrated actions through multiple seemingly independent accounts, which duped Binance's security checks.
"It was unfortunate that we were not able to block this withdrawal before it was executed," Binance said.
Once the withdrawal was completed, it triggered various alarms in the site's system, and so all withdrawals were immediately stopped after it.
As of writing, Binance is still conducting an investigation on the hack and has planned to perform a security review on all its systems and data, which will last for a week.
The company also warned that hackers still have control over certain user accounts and may exploit those accounts again. In the meantime, Binance has used its Secure Asset Fund for Users to give back the lost bitcoin to the victims of the heist.
Bitcoin Keeps Getting Hacked, So Is Cryptocurrency Safe At All?
Statistics from the Wall Street Journal reveal that roughly $1.7 billion in cryptocurrency has been stolen by hackers throughout the years. One of the biggest bitcoin heists in recent history was the collapse of Japan-based bitcoin company Mt. Gox after it lost $460 million to hackers in 2014.
In 2016, crypto exchange company Bitfinex also lost $72 million worth of bitcoin to hackers. At least 119,756 bitcoin had been stolen from user accounts' segregated wallets. Lastly, in 2018, $500 million worth of bitcoin were stolen from exchange company Coincheck.
The same technique that keeps bitcoin safe is also what makes it vulnerable to hacking. Once users have their two-factor authentication keys, their account is secure, but when these keys are taken by someone else, it could spell trouble.
When bitcoin heists occur, international and local law enforcement get involved in tracking the criminals down. In fact, the Federal Bureau of Investigation has taken action against bitcoin thieves and other criminal uses of cryptocurrency.
Although investing in bitcoin is risky, some experts believe there are safer options to store bitcoin. For instance, cold wallets are better than hot wallets because the point is to store bitcoin, not to trade it.
Peter van Valkenburgh of the public policy advocacy group Coin Center told Vox that the best way to get invested in bitcoin is to choose a large operation, pick one that's regulated by laws, and pay attention to best emergent practices that use cold storage and has insurance.
Photo: Mark Mathosian | Flickr