Changpeng Zhao (CZ), CEO of major crypto exchange Binance, has updated reporters on the exchange’s security revamp and investigation into this week’s $40 million hack in a security incident update shared with Cointelegraph on May 10.
The CEO also apologized for having fuelled community concerns by openly discussing the possibility of incentivizing a blockchain re-organization — or transaction rollback — as a possible response to the attack.
As reported, Binance suffered a major and premeditated hack on May 7, which reportedly resulted in the theft of around 7,070 bitcoin (BTC) — worth over $40 million at the time — from the exchange’s hot wallets in a transaction that went undetected by the firm’s security systems.
The attack was reported to have been carried out using tactics that included phishing and viruses to obtain a large number of 2FA codes and API keys. In his security update, CZ said he was restricted from sharing too many details of the exchange’s response to the incident, noting that:
“Hackers are reading every word we post and watching every AMA we host. Sharing too many security details actually weakens our security response strategy.”
Nonetheless, the CEO did disclose that the exchange team was ostensibly making progress in significantly revamping its security measures, procedures and practices. He anticipates that some of the changes will be implemented within the week, and that many more will follow.
Of particular focus, CZ noted changes to the areas exploited by the perpetrators of the theft — namely Binance’s API, 2FA and withdrawal validation areas. He also revealed the platform is aiming to improve its risk management, user behaviour analysis, Know Your Customer procedures and anti-phishing tactics, as well as revising other back-end security measures.
Notably, CZ also used the security incident update as an opportunity to apologize for having sparked a controversy in the crypto community by publicly raising the possibility of a blockchain re-org or rollback in the wake of the hack. He said:
“Given how much I talk, I sometimes say the wrong stuff, dirty words like ‘reorg’, for which I apologize. It is my strong view that our constant and transparent communication is what sets us apart from the ‘old way of doing things’, even and especially in tough times.”
As reported, both during a post-hack live AMA and in a tweet thereafter, CZ had revealed that Binance had considered — but rejected — the idea of responding to the hack with a re-org: i.e. taking steps to incentivize miners to form a consensus to wield 51% of the network’s hashing power to reorganize the blockchain’s transactions after the loss.
Heeding the intense critique of such a move from members of the community and industry experts, the CEO and exchange decided against the attempt, citing the likely reputational damage to bitcoin and threat to its immutability and decentralization principles.
At press time, Binance is ranked the 7th largest exchange globally, seeing a 52.25% recovery surge in daily trade volume.
Binance CEO Publishes Security Incident Update, Apologizes for Blockchain Re-Org Comment
By
ioBanker