Binance blocks APIs after breach while hacker(s) shuffle stolen funds

Due to irregular trading on some APIs, Binance announced to restrict all currently existing API keys to have trading functionality only, according to a press statement by the Malta-based digital asset exchange. News reports suggest hackers are shuffling the compromised 7,000+ bitcoin.

After the API keys have been removed in full, API users can choose to recreate their API keys now to receive the full functionality of API usage going forward, Binance said. These newly created API keys will not be removed, the press statement added.

Hackers withdrew 7,000+ bitcoin (BTC) — worth of more than €36m — and obtained a large number of user API keys, 2FA codes, and potentially other information through a large scale security breach on Malta-based digital asset exchange Binance’s platform.

Hacker(s) appear shuffling funds

After the hacker(s) stole the funds, 1,214 BTC was moved to new addresses, followed by another 1,337 BTC moved to two new addresses, according to the Twitter feed of blockchain services company Coinfirm that monitors the movement of the funds.

Given the transparent nature of the bitcoin blockchain, transactions are easy to follow, however it difficult to perform real forensics on the wallets in order to understand who — or what — created them, according to a report by online crypto daily Coindesk.

Citing crypto journalist Amy Castor, Coindesk writes that the compromised funds are most probably being broken up and transferred to several wallets in smaller amounts to make tracking of the transactions more difficult.