Binance CEO cautions Chinese citizens over data breaches, dark web, and more…

binance-ceo-warning-over-shanghai-police-data-breach

Binance CEO Changpeng Zhao “CZ”  Twitter on July 3 announced that Binance threat intelligence had discovered citizen records for sale on the dark web, without citing the country. He attributed the data breach to a bug in a government agency’s software utilizing an Elasticsearch algorithm.

Twenty-three terabytes of data including names, addresses, birthplaces, national IDs, phone numbers, and criminal case information was apparently stolen from a police station database in Shanghai, China. The hacker presented the information on the dark web for about ten bitcoins.

Elasticsearch is utilized to quickly search through massive data sets and return answers within milliseconds. In a corporate or government commodity, data from social media posts to emails to company spreadsheets may all end up in an Elasticsearch data bucket. While this makes for effortless access to a wealth of enterprise information, it becomes equally a tempting prospect for cybercrooks.

Information on the platform where the data was posted suggests that the attack targeted a sample of Elasticsearch on the cloud platform of a subordinate of Alibaba utilized by the Shanghai police.

CZ illustrated that the compromised data had implications for Binance users as the data in question could potentially be used to take over various accounts. The cryptocurrency exchange has since taken steps to fortify its user verification processes. CZ also mentioned that Binance uses internal and outsourced threat detection.

Not just Binance, Cybersecurity experts worried about the size and sensitivity of data

News of the hack sent tension throughout the Chinese security industry, initiating speculation on how it could have occurred. Shanghai police have not yet made any official statement. Cybersecurity experts that have weighed in are worried due to the hack’s size and the sensitiveness of the exposed information, including criminal activity segments.

According to various reports, some reporters downloaded the list and called phone numbers to check the reliability of the information. Five parties confirmed criminal information only the police could access, while four verified their identity before hanging up.

The threat landscape in the crypto world

While hacks of DeFi protocols include the theft of funds, such as the breaches that saw funds stolen from Axie Infinity’s Ronin bridge and Harmony’s Horizon bridge, data leaks are more doable to threaten customers of centralized crypto exchanges. Exchanges are needed to collect Know-Your-Customer information from new clients to battle money laundering and terrorism financing, which could be uncovered on the dark web in the event of a security breach.

In the case of this attack, an Australian security consultant stated that it was possible that the hacker was overstating the scale of the attack.

According to a  report from 2021, U.S.-based crypto companies faced the highest number of attacks between 2011 and 2021, while attacks on Chinese companies accounted for most of the lost funds. Hackers tried to embezzle funds from exchanges with minimal KYC requirements, such as a phone number & email.


Hungry for more information?

Check out the Latest NFT News!

For more interesting updates on NFTs, connect with NFTHI on Twitter and Instagram.

Join us on Telegram!


NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.

Conduct thorough research before you start with NFT trading.

Share This Post

Related Posts

Capital One Joins Web3 by submitting Trademarks

Capital One has finally embraced the Web3 platform. The...

5 Best New And Upcoming NFT Collections To Look Out For In 2022

The first quarter of 2022 has seen many hot...

Chevy’s NFT Auction failed No Bids for the NFT

Chevy’s first experience in the world of non-fungible tokens was...

$4.7 M worth of ETH was stolen from Uniswap Protocol in a fake token Phishing Scheme

A sophisticated phishing campaign targeting liquidity providers (LPs) of...

Lonely Apes isn’t attracting ladies, the BAYC floor price has dropped by 50% 

Since the beginning of the month, the floor price...

FBI warns public over fake crypto apps

Nowadays, Fake crypto apps appear to be a component...
spot_img