Last week, heaps of panicked cryptocurrency traders rushed to the Binance community on Reddit to report that their altcoins had suddenly been converted to Bitcoin – without their consent and with no prior notification.
But thanks to its excellent reaction to all this chaos, the company has come back from this massive mishap even stronger – and is now announcing a $10 million fund for future bounty awards and a $250,000 reward for any information that leads to the arrest of the perpetrators of last week’s attack.
Before we get into why this is such a brilliant PR move, it’s worth summing up last week’s failed hacking attempt.
Last Wednesday, the exchange desk registered an unusually high trading activity in the Viacoin/Bitcoin market.
Binance responded to the alert promptly, ultimately pinning down the issue as a carefully coordinated phishing attack. “The hackers accumulated user account credentials over a long period of time,” the company wrote in a summary following the incident.
“Many users fell for these traps and phishing attempts,” Binance explained in its analysis of the attack. “After acquiring these user accounts, the hacker then simply created a trading API key for each account but took no further actions, until [March 7].”
The truly impressive part is that Binance not only managed to thwart the attack, but it ultimately caused the hackers to lose funds.
Indeed, the hackers’ attempt to withdraw the converted funds was impeded by the exchange desk’s risk management system.
“As withdrawals were already automatically disabled by our risk management system, none of the withdrawals successfully went out,” the exchange desk explained. “Not only did the hacker not steal any coins out, their own coins have also been withheld.”
But what is especially admirable is how communicative the exchange desk remained during the storm: customer support reps were actively responding to questions on Reddit and Telegram, and even CEO Changpeng Zhao took to Twitter to update users about the situation.
All funds are safe. There were irregularities in trading activity, automatic alarms triggered. Some accounts may have been compromised by phishing from before. We are still investigating. All funds are safe.
— CZ (not giving crypto away) (@cz_binance) March 7, 2018
These efforts did not remain unnoticed by the Binance users, who showered the exchange desk with compliments for the way it handled the situation.
“Can we all take a minute to congratulate Binance on continually being the best exchange when it comes to transparency and PR,” one post read, while other posters were thoroughly amused (and in awe) by the fact that the hackers actually lost funds.
For those unfamiliar, such positivity towards exchange desks is completely unusual for Reddit, which is usually reserved for anger-infused rants about delayed withdrawal requests and crappy customer service. But then again, it seems Binance’s approach to prioritize the comfort of the user over the safety of their brand is also something uncommon in the blockchain space.
When numerous Coinbase users cried out they had suddenly received multiple wrong charges for past purchases, the exchange desk gave it its best to salvage its public image in times of chaos. By contrast, Binance got its hands dirty right away and did not shy away from taking responsibility for the mishap at any time.
It is precisely this attitude which has helped the company become one of the leading cryptocurrency exchange desks in the short timeframe it has existed, since initially launching back in July last year.
For the record, this is not the first time Binance has reacted accordingly to technical difficulties.
Earlier in February the exchange desk abruptly suspended all trading activity on its platform, pissing off a bevy of users doing so. But despite some outrage, the company eventually owned up to its mistake and offered users a temporary 70-percent discount on all trading fees as an apology for the inconvenience.
Yesterday’s bounty hunter program announcement is an extension of the same outlook to treating customers: It is not only a good chance to turn a negative situation into a positive one, but also an excellent opportunity to educate users on the potential harms of phishing and encourage people to report such attacks before they’ve taken place.
Meanwhile, anyone who has information about the individuals behind last week’s attack can contact the exchange desk at firstname.lastname@example.org.
Published March 12, 2018 — 12:02 UTC