Binance Hack Linked To Viacoin Pump (Official Update)

This article explains how and what happened in relation to the Viacoin pump on Binance. After some speculations about a corrupted trading bot, it seems the hackers have used phishing to collect as much user credentials. Let’s find out. First of all, Binance isn’t compromised or hacked. So, what did actually happen? On Mar 7, UTC 14:58–14:59, within this 2 minute period, the VIA/BTC market experienced abnormal trading activity. Binance their automatic risk management system was triggered, and all withdrawals were halted immediately. This was part of a large-scale phishing and stealing attempt which happened earlier. The hackers accumulated user account credentials over a long period of time using phishing. The earliest phishing attack seems to have dated back to early Jan. However, it was around Feb 22, were a heavy concentration of phishing attacks were seen using unicode , with the only (a letter like — ) Many users fell for these traps and phishing attempts. After acquiring these user accounts, the for each account but took no further actions, until yesterday. domains, looking very much like binance.com difference being 2 dots at the bottom of 2 characters ņ source hacker then simply created a trading API key Source: www.tenor.com Yesterday, within the aforementioned 2 minute period, the hackers used the API keys, placed a large number of market buys on the VIA/BTC market, pushing the price high, . The hackers managed to create a pump for Viacoin where the price increased from approximately 0.0002532 till 0.025 (10,000% increase). This was an attempt to move the BTC from the phished accounts to the 31 accounts. from these accounts immediately afterwards. while 31 pre-deposited accounts were there selling VIA at the top Withdrawal requests were then attempted The hacker had probably accumulated Viacoin over the last few weeks and placed high sell orders. In addition, Viacoin has a very low liquidity with just over 11 BTC worth of Viacoin being traded over the past 24 hours. This allowed the hacker(s) to easily clear the orderbook in order to fulfill the remaining high sell orders. Why Viacoin? ? Why choosing a coin which such a low liquidity The hacker probably choose for the Viacion route as trading bots usually don’t have the permission to withdraw money to another address. Mr. Hacker, you’ve been a naughty clever boy! However, as , none of the withdrawals successfully went out. Additionally, the VIA coins deposited by the hackers were also frozen. Not only did the hacker not steal any coins out, their own coins have also been withheld. According to the Binance announcement, so far: All funds are safe and no funds have been stolen. withdrawals were already automatically disabled by Binance their risk management system Source: www.tenor.com The hackers were well organized. They were patient enough to not take any immediate action and waited for the most opportune moment to act. They also selected VIA, a coin with smaller liquidity, to maximize their own gains. After a thorough security check by Binance, we resumed withdrawals. Trading functionality was never affected. There are still some users whose accounts where phished by these hackers and their bitcoins were used to buy VIA or other coins. Unfortunately, those trades did not execute against any of the hackers’ accounts as counterpart. As such, we are not in a position to reverse those trades. We again advise all traders to take special precaution to secure their account credentials. Source: www.giphy.com This hack has probably as the price as Binance hack rumors surfaced. The rumors started when Reddit users started reporting about missing coins or coins being traded without their permission. indirectly affected the price of Bitcoin slid below $10,000 and assets wiped out 20% of prices Source: https://support.binance.com/hc/en-us/articles/360001547431 Source: www.giphy.com