Analysts at COS Development analyzed all aspects of the recent hacking of Binance crypto exchange and concluded that there could be more to the incident. SecurityTrust project founder and cybersecurity expert Vladimir Shutemov points out
Alexei Yurov, an analyst in the investigation of cybercrime in the blockchain sector, comments: “We analyzed the hacking pattern and all the addresses associated with it and this is what we noticed …”
The official statement says that 7000 BTC was withdrawn from the hot wallet of the exchange. The sum itself looks strange – it is too round and careful.
Additional questions arose when it became known that not the entire amount was withdrawn from this address and there remained a substantial balance. Why didn’t the attackers steal everything at once? At the same time, at the time of this writing, the compromised wallet continues to be used.
Analysis of the blockchain allowed us to single out another wallet, which could also be allegedly associated with intruders and from which 74.19295031 BTC was withdrawn. Why representatives of the exchange did not mention it in the official message?
Further analysis of the blockchain allowed us to allocate further movement of funds and seven wallets, to which all the stolen funds were eventually transferred. All these transactions – including small ones – have no sense, as they are unable to hide the movement of funds, but they look very strange.
It should be noted that Binance recently announced cooperation with the company Elliptic, which is engaged in just such investigations. Changphen Zhao (CEO Binance) had the time to mention his special fund SAFU for insuring users of just such events.
Undoubtedly, each event described by us can be explained and in itself it does not particularly attract attention, but their totality raises certain questions.
It can be assumed that the theft was fake, since a fairly large and beautiful amount was withdrawn and the attackers only pretended to confuse the tracks. The withdrawn amount is clearly not fatal in this case and the company has an insurance fund that will cover all losses. The main question is why was all this done? Maybe in time we will find out.