New Stage of the Binance Hack Drama - Appologies for 'Dirty' Words
“Given how much I talk, I sometimes say the wrong stuff, dirty words like “reorg”, for which I apologize”, said Changpeng Zhao (CZ), CEO of Binance, today in an update posted on Binance blog.
By "reorg" he means the blockchain reorganization process, which supposedly would allow to roll back the Bitcoin transactions that happened in a few days before the hack in order to recover the lost funds and “teach [hackers] a lesson.”
The idea was mentioned by the CEO during a livestream (where he said he hadn’t slept for 29 hours by the point the 'dirty word' was uttered), but was soon dismissed by Zhao himself. In either case, the mentioned idea became the hottest topic on that day in the cryptoverse and the CEO received many negative reactions.
So now, not only CZ decided to apologize.
Respect to both of you.— givenofox (@rtcarter3) May 10, 2019
It's extremely rare to find people that are not only willing to admit they made a mistake, but to apologize for it as well.
Meanwhile, Zhao further updated the community on the current post-hack state in the company, confirming that the single BTC transaction of about BTC 7,000 is the only one from which the funds were stolen, which can be verified on the blockchain. In the meantime, the company is working with a number of community experts who are watching Binance wallets, he said, but also security expert teams and blockchain analytics firms on improving security, identifying the hackers, and tracking the stolen funds.
The company is also in a “sort of an alliance” with exchanges and other service providers, working together on freezing the stolen funds. “Tentatively, we are looking to resume withdrawals and deposits early next week, “ Zhao said. “We still have a large number of tasks and tests to do, and we are working around the clock on it.”
Going back to the security breach, Zhao asked people to understand that, while Binance “strive[s] to maintain the highest degree of transparency […] hackers are reading every word we post and watching every AMA [Ask Me Anything sessions] we host. Sharing too many security details actually weakens our security response strategy.”
Zhao also announced unspecified changes to the API (application programming interface), 2FA (two-factor authentication), and withdrawal validation areas, saying that Binance is working on improving risk management, user behavior analysis, and know-your customers procedures, fighting phishing, as well as adding hardware device support, such as YubiKey (announcing a 1,000 YubiKeys give-away upon implementation).
Zhao thanked everybody for the support, saying: “I believe this incident, while damaging us now, will actually make us far stronger and more secure in the long run.”