Binance hacks and the battle against cybercrime

Binance hit: Advanced attack compromises data
In the spring of 2019, the crypto world was shaken when Binance, then the world's largest cryptocurrency exchange, announced an advanced attack. On May 7, 2019, at 17:15:24 UTC, Binance's security team detected abnormal activity in the platform's 'hot wallet' – a digital wallet from which the perpetrators stole 2% of the company's total bitcoin holdings. Through a sophisticated combination of phishing attacks, virus infections, and social engineering, the unknown perpetrators had gained access to sensitive user data, including API keys and two-factor authentication codes.
$40.7 million lost: Hackers take 7,000 bitcoins
In a single, perfectly timed transaction, the attackers managed to withdraw 7,000 bitcoin – valued at $40.7 million. This hack was cleverly executed via multiple, seemingly independent accounts, mimicking normal activity to avoid detection, explained Binance's then-CEO, Changpeng Zhao (CZ). However, the massive transaction immediately triggered alarms at Binance.
Market shaken: Binance halts withdrawals
News of this hack sent shockwaves through the market. The price of Bitcoin fell by 4.2 percent in Asian trading, illustrating the close connection between the security of major crypto exchanges like Binance and overall market stability. Binance responded promptly by suspending all withdrawals for a week to conduct a thorough security review. Simultaneously, CZ reassured users on Twitter with the now-famous phrase '#fundsaresafu,' a reference to the company's Secure Asset Fund for Users (SAFU). This emergency fund, financed by trading fees, was designed to cover user losses in the event of security breaches and was now facing its first major test.
The hunt: Binance tracks hackers and funds
While Binance worked intensively with security experts and blockchain analysis firms to track the stolen funds, the assessment was clear: the identity of the perpetrators behind this financial crime would likely remain unknown until they attempted to exchange the stolen bitcoin for traditional currency. CZ emphasized the importance of collaborating with other exchanges to freeze potential transfers, signaling a step towards a more coordinated security effort in the crypto industry.
New nightmare: Hackers mint $570M in BNB
The challenges for Binance continued. On October 4, 2022, the exchange faced an even greater threat. Hackers exploited a critical vulnerability in the BSC Token Hub, a digital bridge between the Binance Smart Chain (BSC) and the Beacon Chain. Through this vulnerability, they managed to 'mint' – essentially create out of thin air – a full 2 million BNB tokens, equivalent to a value of $570 million. The attackers performed an advanced forgery of proofs in the underlying blockchain technology (specifically Merkle trees) via a fake account, allowing them to bypass existing security checks.
Drastic move: Binance pauses network operations
The hackers' digital route was complex. They quickly converted around $53 million of the stolen funds into Ether via decentralized protocols within the DeFi space. However, they encountered resistance when attempting to withdraw funds through centralized exchanges. Binance reacted drastically by halting the entire network, having validators freeze all transactions. This was a controversial decision, which critics considered a breach of blockchain technology's fundamental principles of decentralization. CZ defended the action, stating that users' funds were secure, despite vulnerabilities in the code.
Cat-and-mouse: Settlement returns 90% funds
The following weeks saw a nerve-racking cat-and-mouse game unfold between the hackers and security experts. Although around $100 million was permanently lost, Binance, through extensive collaboration with competing crypto exchanges and law enforcement authorities, managed to track and freeze a significant portion of the stolen funds. This episode of financial crime ended in an unusual settlement: The attacker reportedly returned 90 percent of the stolen funds in exchange for a 10 percent bounty and an agreement not to be prosecuted – a solution that avoided a potentially lengthy case.
Exposed vulnerabilities: Reuters on $2.35B
These major incidents revealed systematic vulnerabilities at Binance. A 2022 Reuters investigation further showed that between 2017 and 2021, Binance had allegedly been a conduit for over $2.35 billion, including funds from the notorious Lazarus Group and the darknet market Hydra. Although Binance disputed the report, which they claimed was based on outdated data, it underscored the urgent need for stricter regulatory compliance to combat financial crime. In 2025, challenges escalated further with allegations of a data leak involving information on 139,000 users, as well as sophisticated social engineering attacks targeting employees. Nevertheless, Binance also demonstrated its ability to respond: In one notable case, their security team helped track and recover $6.1 million after a hack on the KiloEx platform using advanced blockchain analysis and collaboration with authorities.
Ongoing battle: Binance uses AI against threats
Over the years, Binance has been forced to evolve from a reactive to a much more proactive security strategy to counter the constant threat. The implementation of AI-driven monitoring systems, multi-signature approval, and advanced hardware modules has significantly strengthened the platform's defenses. But as CZ himself has acknowledged, digital security is an eternal battle in a world where online threats are constantly evolving.
Lessons from hacks: DeFi, SAFU, and human error
These cases of financial crime highlight the paradoxical challenge within decentralized finance (DeFi). While blockchain technology theoretically promises immutable security, human error and centralized hubs – like major exchanges – remain critical vulnerabilities constantly challenged by criminals. For Binance's individual users, however, the story ended positively in the major attacks: Thanks to the SAFU fund and a targeted effort to recover the stolen funds, no private investors suffered losses. This was a deliberate choice by the company to maintain trust. For the broader crypto world, however, the Binance hacks serve as important lessons. They underscore how security protocols, regulatory compliance, and user [Internal Link Placeholder] must constantly adapt to hackers' increasingly sophisticated attack tactics. While blockchain technology holds the potential for a future of decentralized trust, these incidents remind us that the human factor is often the weakest link – whether it's among users, at exchanges, or with the attackers themselves.
Susanne Sperling