Russian Collusion? Binance Closing in on Hacker

Tuesday, 20/03/2018 | 11:26 GMT by Arnab Shome
  • Though the exchange has narrowed down the location, there is not yet enough information to make an arrest.
Russian Collusion? Binance Closing in on Hacker
Finance Magnates

After a failed attack on March 7th, Binance, one of the world’s largest cryptocurrency exchanges, today announced an update on its investigation to catch the culprit.

Though the Exchange has not landed on anything solid yet (i.e. nothing which might lead to an arrest), it has made considerable progress in narrowing down its search area. Despite many layers of decoy IP addresses, based on the available pieces of information on the domains used for the phishing attack and the relevant domain registration information, Binance has narrowed down the region of the IP used in the attack - Lipetsk, Russia.

Binance's official statement, published in Medium, says: “In addition, a victim of the attack provided us with their signed consent to release the IP address associated with the API key creation on their account. The IP address (213.87.134.39) resolves to Lipetsk, Russia.”

Though the exchange is skeptical about the accuracy of the determined location, it is quite sure that the originating IP was somewhere in Eastern Europe.

“It is safe to assume that this is not an accurate location or IP address of the attacker and they may be utilizing a VPN or another service to obfuscate their identity. However, after cross-referencing this information against the registrants of the domains above, it is safe to assume that the attacker(s) may reside in Eastern Europe,” it added.

One of the largest crypto pump-and-dumps

On the 7th of March, 31 accounts of Binance customers suddenly began buying Viacoin, a relatively low-value cryptocurrency, with Bitcoin . As a result of this, the price of Viacoin rose dramatically. The buyers then attempted to sell the tokens, but were prevented from doing so by an automatic block mechanism in the Binance system.

Comment from discussion UPDATE! Binance Hacker Bounty Progress Update - March 19th, 2018.

According to the exchange, the involved accounts were compromised between January and the day of the attack. The activity was well planned and the hackers did not make any premature moves which may have raised suspicion.

Afterward, Binance announced a bounty of up to $250,000 for information leading the arrest of the attacker. Moreover, the exchange revealed that it has set aside $10 million as reward money in case of any future hacks.

After a failed attack on March 7th, Binance, one of the world’s largest cryptocurrency exchanges, today announced an update on its investigation to catch the culprit.

Though the Exchange has not landed on anything solid yet (i.e. nothing which might lead to an arrest), it has made considerable progress in narrowing down its search area. Despite many layers of decoy IP addresses, based on the available pieces of information on the domains used for the phishing attack and the relevant domain registration information, Binance has narrowed down the region of the IP used in the attack - Lipetsk, Russia.

Binance's official statement, published in Medium, says: “In addition, a victim of the attack provided us with their signed consent to release the IP address associated with the API key creation on their account. The IP address (213.87.134.39) resolves to Lipetsk, Russia.”

Though the exchange is skeptical about the accuracy of the determined location, it is quite sure that the originating IP was somewhere in Eastern Europe.

“It is safe to assume that this is not an accurate location or IP address of the attacker and they may be utilizing a VPN or another service to obfuscate their identity. However, after cross-referencing this information against the registrants of the domains above, it is safe to assume that the attacker(s) may reside in Eastern Europe,” it added.

One of the largest crypto pump-and-dumps

On the 7th of March, 31 accounts of Binance customers suddenly began buying Viacoin, a relatively low-value cryptocurrency, with Bitcoin . As a result of this, the price of Viacoin rose dramatically. The buyers then attempted to sell the tokens, but were prevented from doing so by an automatic block mechanism in the Binance system.

Comment from discussion UPDATE! Binance Hacker Bounty Progress Update - March 19th, 2018.

According to the exchange, the involved accounts were compromised between January and the day of the attack. The activity was well planned and the hackers did not make any premature moves which may have raised suspicion.

Afterward, Binance announced a bounty of up to $250,000 for information leading the arrest of the attacker. Moreover, the exchange revealed that it has set aside $10 million as reward money in case of any future hacks.

About the Author: Arnab Shome
Arnab Shome
  • 6613 Articles
  • 97 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6613 Articles
  • 97 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}