Binance, one of the world’s biggest cryptocurrency exchanges by trading volume, has offered a reward equivalent to $250,000 to anyone providing information that leads to the arrest of hackers who attacked the platform last week.
For two minutes on March 7th, the Binance platform saw abnormal trading activity, which caused automatic protection systems to trigger, blocking any withdrawals.
The exchange
explained that it had seen sophisticated phishing attacks targeting its users since early January, and around February 22nd there was a sharp uptake in phishing emails pointing to similar-looking domains but using
unicode characters (under the “i” and the “a” of “binance.com”
Reports suggest that many of the compromised accounts did have two-factor authentication (2FA) enabled for a higher level of protection. Unfortunately for them, their 2FA codes were valid for 30 seconds or so, meaning that once the code had been given to the phishing site the attackers could generate an API key and use it to access the real site.
All very sneaky. But whoever seized control of the accounts appears to have bided their time, choosing not stealing cryptocurrency immediately but instead creating a trading API key for each hacked account.
...........
...........
...........
