Binance Revamps Withdrawal Security After $41M Bitcoin Theft

The exchange will boost security and oversight in the areas that helped the hacker bypass procedures and withdraw more than 7,000 BTC in one transaction.

Binance will revamp its user API and 2FA, with special care on withdrawal oversight, CEO Changpeng Zhao announced in a recent commentary on the most serious hack of the exchange so far.

“We are making significant changes to the API, 2FA, and withdrawal validation areas, which was an area exploited by hackers during this incident. We are improving our risk management, user behavior analysis, and KYC procedures. We are working on more innovative ways to fight phishing. We also have a number of additional security measures being implemented not directly visible on the front end,” announced Zhao.

Binance will also start using a hardware verification element for withdrawals, giving away YubiKey security devices.

The funds stolen from Binance are on the move, distributed through a series of transactions to multiple wallets and addresses. While this makes tracking harder, this particular series of transactions is being closely watched, Zhao reminded. In the past, Binance has also assisted with freezing stolen funds when hackers attempted to deposit and liquidate them.

The next step for Binance would be to resume deposits and withdrawals, which is supposed to happen within days:

“Tentatively, we are looking to resume withdrawals and deposits early next week. We still have a large number of tasks and tests to do, and we are working around the clock on it,” said Zhao.

In the past days, Binance Coin (BNB) distanced itself from the recent peaks, sinking toward $19.45. The asset also sank precipitously from 0.04 BTC down to 0.03 BTC, with volumes also diminishing.

The theft of 7,000 BTC also created misunderstandings about the nature of Bitcoin. One version of events, in which Binance accidentally burned the coins by sending them to the wrong type of address, was dismissed after it became clear that the hacker could transfer the funds and that there was no error related to address incompatibility. Zhao also apologized for hypothesizing about a reorg, or a rollback of the Bitcoin blockchain. The immutability of transactions on the Bitcoin network is seen as an inviolable rule, while other networks allow for censoring or reversing some transfers.
