In a Remarkable Turn of Events, Hackers -- Not Users -- Lost Money in Attempted Cryptocurrency Exchange Heist (bleepingcomputer.com)
The hackers who attempted to hack Binance, one of the largest cryptocurrency exchanges on the Internet, have ended up losing money in a remarkable turn of events. It all began on Thursday, when thousands of user accounts started selling their Bitcoin and buying an altcoin named Viacoin (VIA). The incident, BleepingComputer reports, looked like a hack, and users reacted accordingly. But this wasn't a hack, or at least not your ordinary hack. The report adds: According to an incident report published by the Binance team, in preparation for yesterday's attack, the hackers ran a two-month phishing scheme to collect Binance user account credentials. Hackers used a homograph attack by registering a domain identical to binance.com, but spelled with Latin-lookalike Unicode characters. More particularly, hackers registered the [redacted].com domain -- notice the tiny dots under the "i" and "a" characters.
Phishing attacks started in early January, but the Binance team says it detected evidence that operations ramped up around February 22, when the campaign reached its peak. Binance tracked down this phishing campaign because the phishing pages would immediately redirect phished users to the real Binance login page. This left a forensic trail in referral logs that Binance developers detected. After getting access to several accounts, instead of using the login credentials to empty out wallets, hackers created "trading API keys" for each account. With the API keys in hand, hackers sprung their main attack yesterday. Crooks used the API keys to automate transactions that sold Bitcoin held in compromised Binance accounts and automatically bought Viacoin from 31 other Binance accounts that hackers created beforehand, and where they deposited Viacoin, ready to be bought. But hackers didn't know one thing -- Binance's secret weapon -- an internal risk management system that detected the abnormal amount of Bitcoin-Viacoin sale orders within the span of two minutes and blocked all transactions on the platform. Hackers tried to cash out the 31 Binance accounts, but by that point, Binance had blocked all withdrawals.
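The referral-log trail described in the summary can be checked for mechanically. The sketch below is an added example, not code from Binance or the BleepingComputer report: it folds diacritic lookalikes (such as a dot below a letter) back to ASCII and counts login-page hits whose Referer host only matches the protected domain after folding. The domain `example.com`, the log layout and the sample lines are constructed assumptions.

```python
import unicodedata
from collections import Counter
from urllib.parse import urlsplit

OWN_DOMAIN = "example.com"  # assumption: placeholder for the protected site

def to_unicode(host):
    """Decode punycode (xn--) labels so both log spellings compare equal."""
    out = []
    for label in host.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # keep undecodable labels verbatim
        out.append(label)
    return ".".join(out)

def skeleton(host):
    """NFKD-decompose and drop combining marks, so U+1EA1 folds to 'a'."""
    text = unicodedata.normalize("NFKD", to_unicode(host))
    return "".join(c for c in text if not unicodedata.combining(c))

def _under(host, domain):
    return host == domain or host.endswith("." + domain)

def is_lookalike(host):
    """True if host matches OWN_DOMAIN only after folding diacritics."""
    return (_under(skeleton(host), OWN_DOMAIN)
            and not _under(to_unicode(host), OWN_DOMAIN))

def lookalike_referrers(log_lines, path="/login"):
    """Count lookalike Referer hosts on hits to the login page."""
    hits = Counter()
    for line in log_lines:
        _ts, req_path, referer = line.split(" ", 2)
        try:
            host = urlsplit(referer.strip()).hostname or ""
        except ValueError:
            continue  # malformed Referer value
        if req_path == path and is_lookalike(host):
            hits[to_unicode(host)] += 1
    return dict(hits)

# Constructed sample: "ex\u1ea1mple" is "example" with a dot below the "a".
FAKE = "ex\u1ea1mple.com"
FAKE_ACE = "xn--" + "ex\u1ea1mple".encode("punycode").decode("ascii") + ".com"
SAMPLE_LOG = [
    "2024-01-01T10:00:01Z /login https://www.example.com/",
    f"2024-01-01T10:00:03Z /login https://{FAKE}/signin",
    f"2024-01-01T10:00:09Z /login http://{FAKE_ACE}/signin",
    "2024-01-01T10:00:11Z /login https://example.com.evil.test/",
    "2024-01-01T10:00:15Z /login -",
]
```

Folding combining marks only covers diacritic-style lookalikes like the ones the summary describes; cross-script confusables (for example Cyrillic letters) need the Unicode confusables data instead.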
They allow it for the same reason we have 100 new TLDs. Profits. Now there are many new variant domains that a company must register in order to avoid squatters.
They would never do such a thing! The new TLDs are all for the purpose of users and convenience and helpful to Internet users. That is why we got .aero as one of the first ones...
The real sad part is that nobody stopped them. The good part is that the new TLDs are largely ignored. There was a short period where you would see people advertising their .biz addresses, then it stopped and went back to normal.
So the world was telling ICANN to go and fuck themselves. Allowing Unicode and the entire attacks possible with it was their spiteful revenge.
Assorted stuff I do sometimes: Lemuria.org
Just ask them to come forward in person to claim them.
I had a job installing security systems many years ago. There was a grocery store in a slightly isolated area; it had an alarm hooked up with an outside siren and connected to the phone line. It was the 1980s, there were no cellular backups. The would-be safe cracker pulled the outside siren off the wall with his vehicle and cut all of the phone lines, then he broke in and started working on the safe, ignoring the inside siren. He had about $1000 worth of power tools in the back office and started to drill the safe. He didn't count on the baker coming in early to get a start on the day. When the baker showed up, the robber bugged out the back door. He left behind all of his nice tools. He did cause the business some hardship; they couldn't access the contents of the safe for about 3 days until the locksmith could replace the parts he had ruined. Insurance paid to fix his safe and alarm system; after that they had their phone lines buried so they couldn't be cut as easily.
I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey