After a failed attack on March 7th, Binance, one of the world’s largest cryptocurrency exchanges, today announced an update on its investigation to catch the culprit.
Though the exchange has not landed on anything solid yet (i.e. nothing which might lead to an arrest), it has made considerable progress in narrowing down its search area. Despite many layers of decoy IP addresses, based on the available pieces of information on the domains used for the phishing attack and the relevant domain registration information, Binance has narrowed down the region of the IP used in the attack – Lipetsk, Russia.
Binance’s official statement, published in Medium, says: “In addition, a victim of the attack provided us with their signed consent to release the IP address associated with the API key creation on their account. The IP address (188.8.131.52) resolves to Lipetsk, Russia.”
Though the exchange is skeptical about the accuracy of the determined location, it is quite sure that the originating IP was somewhere in Eastern Europe.
Russians at it again.. Surprise surprise.
— CryptoTime (@Cryptotime007) March 19, 2018
“It is safe to assume that this is not an accurate location or IP address of the attacker and they may be utilizing a VPN or another service to obfuscate their identity. However, after cross-referencing this information against the registrants of the domains above, it is safe to assume that the attacker(s) may reside in Eastern Europe,” it added.
Russians involved in hacking? Never.
— Brittle Egg (@Brittle_Egg) March 19, 2018
One of the largest crypto pump-and-dumps
On the 7th of March, 31 accounts of Binance customers suddenly began buying Viacoin, a relatively low-value cryptocurrency, with Bitcoin. As a result of this, the price of Viacoin rose dramatically. The buyers then attempted to sell the tokens, but were prevented from doing so by an automatic block mechanism in the Binance system.
Comment from discussion UPDATE! Binance Hacker Bounty Progress Update – March 19th, 2018.
According to the exchange, the involved accounts were compromised between January and the day of the attack. The activity was well planned and the hackers did not make any premature moves which may have raised suspicion.
Afterward, Binance announced a bounty of up to $250,000 for information leading the arrest of the attacker. Moreover, the exchange revealed that it has set aside $10 million as reward money in case of any future hacks.