Last Wednesday, March 7, the second largest cryptocurrency exchange in terms of market cap – Binance – experienced an attempted hack that lasted around two minutes. The initial attempt was to use Binance to influence the price of VIA coin through a “pump and dump” move and jeopardize the funds of the exchange’s many users. VIA is a relatively small altcoin in terms of value and market cap which can be influenced by fraudulent trades of large volumes. Luckily, the attack was stopped, funds remained intact, and the attackers even lost money on their move when the fraudulent trades were reversed.
Binance described the attack in a blog, and shared how it was remedied:
“As withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the hackers were also frozen. Not only did the hacker not steal any coins out, their own coins have also been withheld.”
Binance is Not Just Standing By
In response to the hackers, Binance is seeking the help of the public by offering $10 million for the identities of the attackers. The company is even calling other exchanges to share its mission to make exchanges safer through regulations and improved cyber-security measures.
Binance shows how serious it is through a statement on a post on Medium:
“Furthermore, Binance has currently allocated the equivalent of $10,000,000 USD in crypto reserves for future bounty awards against any illegal hacking attempts on Binance. We have also invited other exchanges and crypto businesses to join our initiative. We welcome their participation at any time.”
The amount seems like a lot at face value. However, the nature of the crime justifies this as proving who was responsible for the attacks will be very difficult to pinpoint since compelling evidence will be needed to prosecute those responsibly. On top of that, a solid case would mean a victim who lost money is present – and there was no one specific victim since the threat was averted.
Even so, this did not let Binance ignore major hack attempts like this. The company decided to offer a $250,000 reward for information leading to the hackers. If the $10 million will not translate into a prosecution, Binance can at least make a call to action to address these hacks or hack attempts. An ulterior motive for the generous sums offered is the Exchange's intention to flaunt its wealth which can also be understood as a sign of strength and seriousness on the matter.
The decentralized nature of cryptocurrency has its drawbacks as exchanges allow users to own their accounts without providing much information on identity. Information on its users cannot be comprehensive enough to easily trace fraudulent activity such as this one since the exchange does not employ a full Know Your Customer (KYC) process. Only an email and IP address were gathered from the attack.