Binance CEO Changpeng Zhao (“CZ”) announced on Twitter on July 3 that Binance threat intelligence had discovered citizen records for sale on the dark web, without naming the country. He attributed the data breach to a bug in a government agency’s software that uses Elasticsearch.
Twenty-three terabytes of data, including names, addresses, birthplaces, national IDs, phone numbers, and criminal case information, was apparently stolen from a police station database in Shanghai, China. The hacker offered the information for sale on the dark web for about ten bitcoins.
Elasticsearch is used to search massive data sets quickly and return answers within milliseconds. In a corporate or government setting, data ranging from social media posts to emails to company spreadsheets may all end up in an Elasticsearch data store. While this gives effortless access to a wealth of enterprise information, it also makes the store an equally tempting target for cybercriminals.
Information on the platform where the data was posted suggests that the attack targeted an instance of Elasticsearch on the cloud platform of an Alibaba subsidiary used by the Shanghai police.
CZ explained that the compromised data had implications for Binance users, as the data in question could potentially be used to take over various accounts. The cryptocurrency exchange has since taken steps to fortify its user verification processes. CZ also mentioned that Binance uses internal and outsourced threat detection.
Not just Binance: cybersecurity experts worried about the size and sensitivity of the data
News of the hack unsettled the Chinese security industry, prompting speculation on how it could have occurred. Shanghai police have not yet made any official statement. Cybersecurity experts who have weighed in are worried about the hack’s size and the sensitivity of the exposed information, including details of criminal activity.
According to various reports, some reporters downloaded the list and called phone numbers to check the reliability of the information. Five people confirmed criminal information only the police could access, while four verified their identity before hanging up.
The threat landscape in the crypto world
While hacks of DeFi protocols involve the theft of funds, such as the breaches that saw funds stolen from Axie Infinity’s Ronin bridge and Harmony’s Horizon bridge, data leaks are more likely to threaten customers of centralized crypto exchanges. Exchanges are required to collect Know-Your-Customer (KYC) information from new clients to combat money laundering and terrorism financing, and that information could be exposed on the dark web in the event of a security breach.
In the case of this attack, an Australian security consultant stated that it was possible that the hacker was overstating the scale of the attack.
According to a report from 2021, U.S.-based crypto companies faced the highest number of attacks between 2011 and 2021, while attacks on Chinese companies accounted for most of the lost funds. Hackers tried to steal funds from exchanges with minimal KYC requirements, such as a phone number and email.