Friday, February 3, 2023

What Really Happened to Binance and Viacoin Yesterday?

What Really Happened to Binance and Viacoin Yesterday?

Popular multi-token exchange Binance froze all trades yesterday, in response to irregular activity from several accounts. Specifically, a large number of accounts simultaneously dumped their altcoins for BTC, and from there, started buying up Viacoin on the exchange, skyrocketing the price of the little-known altcoin. Here’s our take on what really happened.

Also see: The Ryan Gosling ICO Wasn’t the First with a Fake Team. Protect Yourself.

Subscribe to the Bitsonline YouTube channel for more great interviews featuring industry insiders & experts

Not a Hack, but… A Trading Bot?

The immediate response from Binance’s user base was to suspect a hack. Some even attributed yesterday’s BTC price plunge to yet more lax security on crypto trading platforms.

However, apart from a few terse tweets from company CEO Changpeng Zhao, users were left guessing as to what was happening. Some accused the exchange of malicious bot trading, and others spread their own theories in the vacuum of uncertainty left by Binance’s freeze.

Even the lead developer of Viacoin commented on the issue, placing the blame with less savvy Tron bagholders:

So Here’s What Happened

Today, Binance put out an official release detailing what actually happened that led to several accounts’ sudden love for Romano’s crypto project. The details, while less fanciful than some of the speculation leading up to disclosure, are equally concerning:

In summary, hackers ran a two-month phishing campaign, using a technique called homograph replacement, wherein an attacker uses a visually similar character (often from a non-English language) to register a domain that looks identical to the real one, but in reality has one or more letters replaced with false characters.

In this case, the attackers used bịnạ instead of the correct — note the accents on the vowels in the fake domain. Didn’t see them at first? That’s why it’s a problem.

The fake link was then distributed on social media and messaging apps, in an attempt to trick users into clicking them, giving the hackers a window to steal their credentials.

What happened here?

The Phishers Move In

The actual attack was well coordinated, with the affected users being forced to empty their balances into Viacoin, which they were buying from the hackers at a premium. This all happened in a span of 2 minutes. Binance even commented on the level of orchestration involved in their incident report:

“The hackers were well organized. They were patient enough to not take any immediate action, and waited for the most opportune moment to act. They also selected VIA, a coin with smaller liquidity, to maximize their own gains.”

Luckily though, Binance was able to freeze withdrawals before the attackers could cash out their earnings, and reversed the malicious trades.

This marks one of the first occasions where would be hackers may have lost money on an exchange attack. The phishing campaign and previous buy-up of Viacoin wasn’t free, and without an ROI, the BTC presumably sunk into their illegal venture is gone for good.

Does this sound like a plausible account of what happened at Binance? Share your thoughts below if you have them.

Images via Pixabay

Bitsonline Email Newsletter