The currency was ambushed by hackers, and $41 million was missing.

The investor protection fund of the currency security may not be fully responsible for the losses caused by the theft.

On May 8th, the Announcement of the Coin Announced that at 1:15 am today, the coin security BTC hot wallet was stolen. According to the official announcement of the currency security, the hacker stole 7000 bitcoins from it, and the stolen BTC accounted for the heat. 2% of the total storage in the wallet. Based on the current price of Bitcoin, the loss was more than $41.599 million.

According to the latest phase of the destruction announcement, the net profit for the first quarter of 2019 was $78 million. The stolen losses exceeded 50% of its previous quarter's earnings, while the currency's annual profit in 2018 was $432 million. The stolen losses accounted for 9.55% of its 2018 annual net profit.

The official said that the currency will use the SAFU fund to fully bear this loss. The funds of the SAFU Fund mainly come from the transaction fee of the currency security, but so far, the total amount of the currency transaction transaction fee and the total amount of the investor protection fund are still unknown.

According to the analysis of many parties, the money security may only be recognized for the stolen funds, and the possibility of recovering losses from the currency security is minimal.

The stolen amount is about one month's net profit

In order to recover the loss, Zhao Changpeng revealed in the live broadcast earlier that the currency will consider the transaction to roll back the stolen amount, but the program is still under discussion.

Someone commented on this tweet: "You are not deciding not to do it, but you realize that you can't do it."

Subsequently, Chan Chan CEO Zhao Changpeng said on Twitter today that after many discussions, the currency security decision will not use the transaction rollback to recover the loss. Zhao Changpeng said that there are three advantages to using the transaction rollback method to recover losses:

1. You can “revenge” the hacker who steals the money by “transferring” the fee to the miner;

2. Prevent future hackers from attacking intentions;

3. Explore the possibility of a bitcoin network responding to such situations;

But the harm is obvious, and the main factors that the currency security decided to abandon the transaction rollback are as follows:

1. We may damage the credibility of the BTC;

2. We may lead to the split of the Bitcoin network and the community;

3. The hacker did show some obvious weaknesses in our design and user confusion, which was not obvious before; 4. This is a very expensive price for us, but it is also a lesson. Protecting user funds is our responsibility. So we should face it and learn from it and improve it;

After interviewing various opinions, found that Zhao Changpeng had previously proposed in the live broadcast that the feasibility of recovering losses through transaction rollback was not large.

Pu Songtao, head of the public relations project of the CCID Research Institute, said that the rollback of the transaction requires the miners to upgrade the mining software in a unified manner, which means that it needs to be recognized by the community. This kind of behavior will greatly reduce the trust of the Bitcoin network. Pu Songtao added: "It can be compared to the Ethereum incident of the year."

In the Ethereum incident of the year, the person who proposed to roll back to make up for the loss was V God, and V God had a high voice in the Ethereum community, and the program was implemented, and Zhao Changpeng was in the Bitcoin community. There is not much voice, so the possibility that Zhao Changpeng’s transaction rollback can be recognized by the Bitcoin community is extremely low.

In addition, Jeff, a technical analyst at PeckShield, believes that rollbacks are similar to hard forks, while 7,000 bitcoins are too small.

Whether or not the currency can recover the loss in this way, both Pu Songtao and Jeff have a negative attitude.

Pu Songtao believes that it is time to track the whereabouts of the currency. By collaborating with the exchange to mine the hacker account and then freeze the hacker account, there is still the possibility of recovering the loss.

In the live broadcast, Zhao Changpeng also said that the currency is working with other exchanges, such as Coinbase, to track the whereabouts of the stolen BTC.

But Pu Songtao also added that the success rate of this method is lower, because hackers will not be so stupid.

Jeff also made it clear that it is unlikely that the currency will recover the stolen BTC, but according to the income of the currency, the currency can fully bear the loss.

Afterwards, Zhao Changpeng suggested on Twitter that the user should change the API key and the 2FA code. However, Dr. Pu Songtao told Finance Network that the user's change of API key and 2FA code can only prevent it, and it has no effect on making up for the losses already incurred.

After the financial network, I interviewed the coin COO Heyi on the solution, but as of the time of publication, I still have not received an exact reply.

According to BNB, which was repurchased and destroyed in 2018, the annual profit of the currency in 2018 was 432 million US dollars. The stolen loss accounted for 9.55% of its annual net profit in 2018, which is about one month's net profit. .

The hacker has premeditated

According to the currency security announcement, the attack was a large-scale systemic attack. The hacker could obtain a large number of user API keys, Google verified the 2FA code and other related information. The hacker used a composite attack technology, including phishing and viruses. Other means of attack.

Blockchain security company Beijing Chain Security analysis, users and currency security servers have saved API transaction keys and Google verification 2FA code, stolen is likely because the currency security network was hacked by hackers for a long time APT penetration, not Single or batch users are caused by phishing viruses.

Zhao Changpeng confirmed this news in today's live broadcast. He said that the hackers had already discovered the system's security vulnerabilities, but they have been very patient until the system has a large amount of transactions before they start to steal money.

At the same time, Beijing Chainan also said that the address of the stolen coin Anwar wallet is 1NDyJtNTjmwk5xPNhjgAMu4HDHigtobu1s. The current hot wallet address still has a balance with a balance of 3162.69114593. The stolen 7,000 bitcoins were scattered among the more than 40 hacker-controlled wallet addresses, and no transfer occurred.

The news that “stolen funds have not been transferred” was confirmed by digital asset security agency PeckShield. According to PeckShield’s digital asset escort system data, 7,074 BTCs lost by the money security wallet were temporarily stored in multiple addresses. Has not spread further.

In response to the theft, Beijing Chainan believes that because the stolen money is not a direct transfer transaction caused by the use of the bitcoin private key, the money is raised through the process of withdrawing money. The single-note coin reached 7000 bitcoin but the coin-operated coin control system did not provide an effective warning.

At 2 o'clock this afternoon, an anonymous white-hat hacker said that the hacking behavior would have a secondary impact.

The reversal of the currency security once again pushed the security of the centralized exchange to the topic center.

Wang Dong, founder of the Loopring Road Printing Agreement, believes that there are security vulnerabilities in the successful centralized exchanges, not only the technical level, but also internal control.

Pu Songtao told the financial network that there are still many security loopholes in the current exchanges. Many exchange platforms will have stolen coins. Therefore, it is necessary for major exchanges to establish a comprehensive security system. It should be transparent to the user. If a theft has occurred, it should be made known to the user in time.

Stolen incidents

According to the statistics of the financial network, the theft was not the first time since the launch of the currency in 2017.

On March 7, 2018, the currency API interface was hacked. Many users' coins were forcibly sold and bought VIA. According to the community's incomplete statistics, the amount involved or above 10,000 BTC, the digital currency market plunged more than 10%. .

Immediately, BNB fell rapidly, falling more than 15% from the previous trading day.

On July 4, 2018, some media reported that due to the impact of SKY vulnerabilities, a large amount of bitcoin was stolen in the currency exchange, and more than 7,000 BTCs were transferred to the same address within two hours.

Syscoin officially advertised the existence of this vulnerability. However, it was denied that the pair of coins was stolen and said that it was a normal transfer within the currency. And commented that many platforms have encountered similar problems, the advantage is that at least the currency has automatic risk control.

According to Blue Whale Finance, since then, the currency has deleted all API records, allowing users to re-create API keys, and has rolled back transactions for accounts that are passively involved in abnormal transactions, exempting some users from fees.

The incident was later defined by the currency as an API user phishing incident, while the BNB fell more than 15% in less than a week.

After this incident, the currency officially established the SAFU fund. According to, the SAFU fund is the investor protection fund of the currency security. According to a notice on July 4th, from July 14, 2018 From now on, 10% of the transaction fee will be taken as the investor protection fund, and the relevant assets will exist at the independent address and will be dedicated. The special fund is used to cope with possible extreme security incidents. When there is a sudden risk on the platform, the money security will use the investor protection fund to make advance payment to the coin security user; for any non-user self-cause caused by user asset loss , the currency security will withdraw funds from the investor protection fund to implement full pre-payment for the user.

But so far, the currency has not announced the address of this investor protection fund. interviewed him on this issue this afternoon, but he did not get an exact response.

In today's live broadcast of AMA activities, Zhao Changpeng said that the investor protection fund of the currency can completely cover the loss.

However, according to the calculation of the financial network, the investor protection fund of the currency security may not be able to fully bear the loss.

The investor protection fund of the currency security has not been established for 10 months. According to the number of BNBs destroyed by the currency repurchase, the currency protection of the investor’s protection fund has been approximately 179 million US dollars. In addition to the fee income, there are other types of income, but even if the full amount is used as the fee income of the currency security, the current fund pool of the investor protection fund of the currency is only $17.9 million, far below this. The loss was $4125.99 million.

According to analysis, since the currency has become the world's largest cryptocurrency trading platform, the currency security announcement clearly indicates that there are 350,000 BTCs coexisting in its hot wallet. If the stolen losses exceed its profit and its own funds reserve, there will be no one. The possibility that the entire cryptocurrency market will encounter a more serious blow.

After the theft, the currency has repeatedly stressed that user funds will not be lost. However, according to the currency announcement, hackers may still control certain user accounts. As of press time, the currency has not yet announced the number of accounts affected by the theft.

At present, the currency security is undergoing a one-week security review. The security review will cover all parts of the system and data. During this period, the deposit and withdrawal business will be suspended, but the user can trade normally.

According to the financial network, according to the currency security market, after the incident, BNB fell more than 10%, is now reported at 20.85 US dollars, the lowest is 19.51 US dollars. It is understood that this price is the lowest price of BNB since the 30th.

Original: Financial Network Wu handsome

Source: Finance and Economics Network on Finance