It appears Binance was hacked:
twitter.com
BINANCE HACKED
Owen Myers
Other urls found in this thread:
coinmarketcap.com
twitter.com
David Parker
Market agrees
Dominic Rivera
Jeremiah Wright
1. We already know faggot
2. Only happened to the faggots who gave api keys to third parties (aka retards). They deserved it.
My binance funds are comfy.
Josiah Baker
>2. Only happened to the faggots who gave api keys to third parties (aka retards). They deserved it.
Get rekt botters.
ahahaha
Charles Morales
show me your pinkest wojack user
Colton Long
time 2 buy
Noah Butler
I also work at binance so I can confirm it wasn't binance fault
Juan Jenkins
>BITTCOIN IS THE FUTURE
>ITS SO SECURE NO ONE CAN TOUCH IT
And yet we have bittcoin hacks that steal billions of dollars every weak.
amazing technology
Blake Howard
>Have a technology that is decentralized
>People store them on a centralized exchange
Why
Ian Long
this 2bh f4m
nobody can take any crypto seriously until the majority of people start using decentralised exchanges although I doubt this will ever happen
Carter Gonzalez
>YOU ARE YOUR OWN BANK
>puts money on an exchange
>doesn't secure own wallet
amazing hopes of future progress dashed in an instant
Nathaniel Myers
exchanges arent even on-chain
they can just rollback their database and all is fine
there's literally no reason for them not to immediately do this, they'd lose all credibility unless they can prove how the hack happened and it only happened due to human error of all those users
Jonathan Cook
Those who went into tether would lose money.
Jack Sullivan
mfw tethered up at 11636 because daily stochastic was oversold and expected correction
Jace Thompson
I gave my API keys to an app but only with read access, as of yet nothing's been compromised. Am I safe? Or I revoke access to API key?
Lincoln Anderson
so would people who sold via on ath
but desu this is a pretty easy decision for binance
Leo Rogers
imo binance used a simple algorithm to bind api keys to the user account, so it doesnt matter if you gave access to them, hackers probably found a way to regenerate them based on something available
they could also have brute forced them over months and just accumulated a long list of those that work, this can go undetected because they dont have to actually do trades to test if the tokens work
its another nice side effect of having massive mining farms if that you can brute force such things relatively easy
Brayden Allen
I'm not concerned, my $76.23 is right where I left it
Kayden Murphy
>ah, the weekly Binance hack
Colton Perry
Read access means you're fine. Anything else is FUD.
John Miller
>Americans wake up
>Instead of lurking on the latest news, they go to twitter and read literal who's post and post on Veeky Forums like they're knowledgable about something instead of being ignorant as always
Gavin Jones
this. also happened on other exchanges
Josiah Allen
This is complete nonsense technical mumbo jumbo made to scare people.
There is no "simple algorithm" to bind api keys to a user account. The api key is a database field with an id that points to an account based off the account's id. There's no fucking algorithm, it's simple database shit.
Explain to me how a hacker "regenerates" api keys through brute force. Explain what that means.
Jesus fuck who is paying you ?
Matthew Adams
Source
Hunter Clark
>Americans wake up
>They lost their money due to "hacks"
Fucking mutt brainlets lmao
Angel Rodriguez
>keeping your coins on an exchange
Literally deserve everything that happens to you if you do this.
Jace Evans
STFU retarded burger what he says makes complete sense, weak salting. Go back to facebook retard.
Owen Wilson
Why is my twitter on Veeky Forums? This was old news before I even tweeted it. Delete this.
Connor Roberts
nothing to do with the exchange platform, newfag
Sebastian Turner
So the hacker already withdrew all the btc?
Cameron Miller
Sauce?? For the love of god, sauce
Caleb Gutierrez
B-BUT ASIANS ARE THE MODEL MINORITY. THEY DON'T COMMIT CRIMES. THEY DIDN'T HACK THE BOT ALGORITHMS ON PURPOSE TO STEAL BTC FROM STUPID WESTERNER KEKS. ONCE CHINA RULES THE WORLD, WE WILL ALL BE IN GOOD HANDS.
Jackson Thomas
It's not an exchange hack, you fucking idiots.
There are only 2 scenarios that could have happened, neither of which where Binance was at fault:
Scenario 1:
>Phishing site
Scenario 2:
>Malware, probably injected through ICO websites.
Whichever happened, they probably played it off something like this:
>Users entered their login + 2FA
>The attackers logged in with these settings on the users Binance account, activated trading APIs, stored the keys and lied in wait
>They emptied whichever accounts didn't have 2FA, and did a co-ordinated pump and dump with all the accounts using 2FA, because of the impossibility of withdrawing from the accounts
Jason Evans
Everyone knows the Chinese are autistic turbo-Jews. They just don't stab you randomly on the street like niggers do. Only the Japs are honorabor.
Asher Morgan
i didnt say thats exactly what happened, but obviously api keys are generated from something, like a generator algorithm
its unlikely that they used a completely random algorithm and just kept them in a database entry because that makes it impossible to verify if a token belongs to a user without having access to the database, you'll also want to do this offline or within a program that can't check the database hundreds of times per second. thus there probably IS a "simple" correlation from useraccount to api keys, in the worst case it could be the hash of the sending address (a complete guess obviously, would be criminally incompetent since they're all publicly available)
this is all hypothetical because I do give people the benefit of the doubt that they havent been sharing their api keys en masse as it seems to be the case. brute forcing is always a possibility, never argue with it, especially if its just a short string of defined characters