Image from Shutterstock
On November 11, Binance released an update on the 2018 phishing attack against its clients, in which hackers attempted to steal funds from 31 customer accounts. In its statement, the company confirmed that the two people allegedly responsible for the attack were indicted by the U.S. Department of Justice.
Two years ago, the fraudsters staged a phishing attack against the platform by mimicking Binance’s website and collecting the login credentials of many users. Soon after the illicit activities were detected by the exchange, the company offered a $250,000 reward for information, which could help in identifying the perpetrators.
The same month, a team of investigators submitted a long-form report, which assisted Binance in understanding the specifics of the attack, and ultimately led to the detention of one of the figures behind the scam.
After the DOJ officially identified and sanctioned the criminals, Binance decided to award the investigator team with $200,000, with the remaining $50,000 to be given after the attackers are caught. The culprits are currently being pursued by U.S. law enforcement agencies.
In the announcement, Binance also revealed information about the security improvements that followed the 2018 phishing scam. The company stated that $247,787 have already been distributed to community members who collaborated with the developer team in removing bugs, taking down fraudsters, and improving the overall security of the exchange.
In the two years following the scam, Binance’s platform has undertaken a series of security improvements, including the introduction of two-factor authentication, open-sourcing its TSS library, ensuring regular user education, and disclosing information about vulnerabilities on other apps and websites connected to Binance.
The exchange is said to be cooperating with many financial security firms, including CryptoSafe Alliance, Confirm, CipherTrace, and IdentityMind, in order to continue protecting its users from bad actors in the crypto industry. Binance further expressed gratitude towards its supportive community, and urged users to join its Bug Bounty Program, which rewards users with up to $10,000 worth of BNB per bug.