|From: zax||5/8/2019 1:25:29 AM|
|Binance says more than $40 million in bitcoin stolen in ‘large scale’ hack [Updated]|
[Update: Changpeng Zhao’s comments on Periscope added to bottom of post]
Cryptocurrency exchange Binance has confirmed a “large scale” data breach, in which hackers stole more than $40 million in cryptocurrency
In a statement, the company said hackers stole API keys, two-factor codes and other information in the attack.
Binance traced the cryptocurrency theft — more than 7,000 bitcoins at the time of writing — to a single wallet after the hackers stole the contents of the company’s bitcoin hot wallet. Binance, the world’s largest cryptocurrency exchange by volume, said the theft impacted about 2 percent of its total bitcoin holdings.
“All of our other wallets are secure and unharmed,” said the statement.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time,” the statement read. “The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.”
“Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” the statement said.
Binance said its secure asset fund for users (SAFU) will cover user losses.
Until the company’s investigation is complete, deposits and withdrawals will remain suspended but trading will remain open.
Binance chief executive Changpeng Zhao is set to hold a Twitter ask-me-anything session in the coming hours. TechCrunch will bring you more once we have it.
On Periscope, Zhao gave more details about the hack, saying that it was a very advanced effort executed by “very patient” hackers who waited until they had a number of high net worth accounts. He added that Binance will be able to cover the bitcoin lost without help. The company does not know yet exactly how many users were affected.
The company is currently working with other exchanges to block deposits from hacked addresses. It will be about a week before Binance can release withdrawals or accept deposits again because it needs to “make sure we completely eradicate any trace of hackers in all our accounts and data and that is a pretty tedious process,” Zhao said. He encouraged everyone to change their API keys and two-factor authentication.
In response to questions about potentially issuing a rollback, Zhao said “to be honest we can do that probably within the next few days but there are concerns that if we were to do a rollback on the bitcoin network on that scale, it may have some negative consequences in terms of destroying credibility for bitcoin, so our team is still deciding on that and running through the numbers and checking everything. We will try to maintain very high transparency.”
He added that the idea came from the bitcoin community. “I actually did not know we could do that, but there are serious consequences for doing that, so we will take that very cautiously.”
|RecommendKeepReplyMark as Last ReadRead Replies (2)|
|To: zax who wrote (36)||5/19/2019 9:18:54 PM|
|From: Glenn Petersen|
|Security Incident Recap|
In this article, I will share a recap of what occurred in the past two weeks, including lessons learned, stress dealt with, and wisdom gained. - CZ
A group of hackers was able to gain control of a number of user accounts and made some large withdrawal requests in such a way that they bypassed our pre-withdrawal risk management checks. Our post-withdrawal risk monitoring system caught the actions immediately and suspended all subsequent withdrawals. While things are crystal clear in hindsight, at that moment, we weren’t 100% sure as to what exactly happened. Was it an actual user action, a glitch in the system, or maybe a hack? As we were still evaluating the situation at the time, we decided to proceed with caution. I put out a tweet saying the withdrawal servers are in unscheduled maintenance mode, while the team continued to investigate what happened. After confirming it was a hack, more questions followed:
- How much did the hackers withdraw?
- Were there previous withdrawals that we didn’t notice?
- How many other accounts did the hackers have?
- What other risks are involved?
- How did the hackers know our risk management rules so precisely? Do we have a mole?
- What do we need to do to get the withdrawal system online again?
While the team was investigating the above, there were further questions that needed to be answered:
- How should we communicate?
- What would the community reaction be?
- How much reputational damage would we suffer?
In tough moments, we always choose to rely on our ethos: Users First and Be Transparent.
After the initial incident, we decided to put out a notification across all our channels regarding the security incident. By then, we were relatively certain that there was only a single affected transaction. All our other wallets were safe. We were cautious that the hackers may still have control to additional accounts that we were not fully aware of. Further withdrawals still posed a risk, and we needed to make a few significant changes to the system before we could re-enable withdrawals for our users. This security incident notification stated an estimation of one week of suspension on withdrawals.
In our technology world, you can never accurately estimate how long changes might take. It is quite different when you compare it to repeated predictable work. But our users and community needed an estimate, and once communicated, it became a target deadline for our team to deliver. I did not know how the community would react to a one week of withdrawal suspension, but luckily, being transparent paid off and we received tremendous support from our amazing community.
Lesson: During a crisis, constant transparent communication is key.
We had already previously scheduled a video AMA just a couple hours later. I thought it would be appropriate to keep it, as lots of people would have questions, which turned out to be the right thing to do.
Seeing me live did put a lot of our community at ease. The livestream was analyzed to death, including body language analysis which I thought was a very good thing. It truly shows how the crowd will work as a hive mind on different aspects of the analysis. The body language analysis results were very positive, which is reassuring.
Lesson: Get on a live video stream during a crisis. Your users deserve to know, not just what happened, but how you are doing and handling it, including allowing them to judge your mental state for themselves.
Before the AMA, I had been up all night and I was really feeling the effects. So, I took a 15-minute nap just before the AMA. Upon waking up, my team told me there was an interesting proposal from a Bitcoin Core developer. I read it for a few seconds. It involved something called a “reorg”. While I know it’s technically possible for a rollback in a 51% attack scenario, it never occurred to me that it is also technically possible to change one transaction and keep all other transactions intact, while hugely incentivizing the miners. The discussion was already pretty hot on Twitter, so I mentioned it in the AMA as something that was suggested. Little did I know, it was a taboo topic. Lesson learned.
I am not gonna deny it. My first reaction was: “F***!”, the second and third reactions were also the same. A few moments after that, I began to come to terms with it, “Well that sucks! What should we do now? Lots of people are waiting for me, some for instructions, some for information and some for reassurance. Lots to do, let’s just get on with it.”
Checking with the team, they were already a couple of steps ahead of me, implementing additional security measures to further ring-fence our systems and discussing all available options. The entire team was online. I have seen this mode before, it’s called “War Mode”. Luckily, our team is accustomed to high pressured situations, and our urge to fight was stronger than ever. A few of them even gave me a pat on the back for planning to do the livestream AMA. A few variations of “Balls of Steel, Boss” came up a few times. They were cheering me on, I knew that was a good sign.
After 10 seconds of the “F***, F***, F***” state, I did a quick mental calculation. 7000 BTC, fine, I know we have more than that in our own BTC funds alone. There is enough. Mentally, a second calculation eased my thinking. The amount was about the same as a quarterly burn we did about a year ago.
Also, this is not a single outlay of cash percentage-wise by Binance. Back in September 2017, when the Chinese government issued a letter banning ICOs and “recommending” projects to return money to investors. The news alone caused many tokens to drop below their ICO prices, and many project teams couldn't return the whole amount to users. While BNB stayed strong at about 6x of the ICO price, Binance did help a number of projects raise money on our platform, and they were affected by this policy. So we did a quick calculation: if we were to help cover the loss for our users and for those projects, it would cost us roughly US$6,000,000. Putting this in perspective, while we only raised US$15,000,000 two months prior, we spent a bunch of money and were barely cash flow neutral at the time. We decided to do it anyway. I was in a moving subway when the team called me, and we made that decision together in less than 5 minutes. That was more than 35% of all the cash we had at that time. The goodwill that decision generated eventually brought us many users from China and all over the world and helped to fuel our growth. So, this time, this $40m represented a much smaller % of our cash reserves, plus we had the #SAFU fund that could fully cover it.
We thus announced that we would cover the entire loss in full.
Lesson: Money can always be earned later, do the right thing first.
We got tremendous community support, from people defending us, to people helping us answering questions in the community, on Twitter, Telegram, and Facebook. The Binance Angels (our volunteers) have been running at full steam on multiple communities, addressing questions and reassuring our users around the clock. Thank you, Thank you, We thank you!
Many partners jumped in to help. Analytics teams started to help us track the stolen funds, e.g. Peck Shield, Whale Alert, etc. Exchanges and wallet services offered to block any deposits associated with the hacker addresses. Some of them may be perceived as our “competitors” by some people, but I am impressed at how the entire community came together and stood united at a time of need.
We also received numerous offers for help from law enforcement agencies around the world. This is a result of working with them closely in the past, usually helping them to solve cases. Now, they offered their help to us in return.
Lesson: Being transparent makes it easier for others to help you.
I got 40+ new leads from various security experts/consultants/companies offering to help. While some clearly intended to help, many were simply trying to sell their services. While all help is fully appreciated, the timing was actually a little off. It would not be good for me to schedule 40 calls during the week when our system is partially down. Some even flat out suggested that we give them full access to our servers so that they can help us do forensics, we politely decline. Moving on...
One Quarter in a Week
Our team pushed on, day and night. In places where we congregate in small temp “offices”, we had Ikea temp beds rolled out. I won’t go into the details here, as we don’t disclose our security practices. But to bring the system back online in one week, all of our teams did more than a quarter’s worth of work in that one week.
A Blessing in Disguise
Speaking with various team members, and as correctly analyzed by community members, such as Gautam Chhugani, this incident may actually be a good thing for us in the long run. Security is a never-ending practice. There are always more things to do in security, and we have implemented many of them in this last week and will continue to implement more in the future. Given this incident, Binance has actually become far more secure than before, not just in the affected areas, but as a whole.
We always maintain constant and transparent communication with our community during the crisis. We believe this to be a strong factor that contributed to the support we got from the community in return. One clear measure is the BNB price: it dropped a bit on the initial news, but not nearly as much as one would have expected, and even before we resumed withdrawals, it has already made a strong come back and hit all-time highs (in USD) again.
|RecommendKeepReplyMark as Last Read|
|From: zax||6/26/2019 9:47:28 AM|
|News that outwardly appears to suck...|
Binance to Stop Serving US Traders Following Announcement of US-Dedicated Platform
Today’s announcement provides a timeline for the new terms to come into effect, specifying that:
“if central banks are gonna be this aggressive, then alternative currencies do start to become a bit more attractive."</snip> Read the rest here: cointelegraph.com
|RecommendKeepReplyMark as Last Read|
|From: zax||6/26/2019 9:50:30 AM|
|More awful news...|
US Residents Will Lose Access to Many Altcoins on Binance Starting in September
Crypto enthusiasts living in the United States will have no trading options for a many cryptocurrencies when the major crypto exchange Binance becomes unavailable for them in September, according to a report by CryptoPotato on June 14.
The report draws this conclusion based on the following table, which shows which cryptocurrencies will still available for U.S.-based traders after Binance discontinues its U.S. service:
The foregoing exchanges listed are Coinbase, Bittrex, Poloniex, Kraken, HuobiUS, and eToro.
The report also highlights that, in addition to the cryptocurrencies with no trading outlet in the U.S.—the all-white rows—there are also a number of tokens listed on only one exchange after Binance drops off, including ARK, BTT, IOTA, PIVX, and ZIL.
These “endangered” exchange tokens, as well as the (temporarily) extinct tokens, will likely witness a large drop in volume, according to the report.
However, veteran cryptocurrencies such as XRP, DASH, XLM, ETC, ZRX, and ZEN should survive Binance’s departure with little issue, since they are listed on four or more of the aforementioned exchanges.
Binance CEO Changpeng Zhao ( CZ) remarked on the recent changes, implying that the restructuring will be useful in the long run:
“Some short term pains may be necessary for long term gains. And we always work hard to turn every short term pain into a long term gain.”
|RecommendKeepReplyMark as Last Read|
|From: Glenn Petersen||8/19/2019 11:36:08 AM|
|Binance planning to launch ‘Venus,’ similar to Facebook’s upcoming cryptocurrency Libra|
by Yogita Khatri
August 19, 2019, 2:46AM EDT
- Crypto exchange Binance has announced the plan of launching “Venus” cryptocurrency
- The exchange defines Venus as a “regional version of Libra”
The world’s largest cryptocurrency exchange Binance is planning to launch “Venus,” calling it an “independent regional version of Libra,” according to an announcement Monday. Astrologically speaking, Libra’s ruling planet is Venus.
Binance said it is going to launch Venus cryptocurrency because it has a presence in several countries, has its native blockchain Binance Chain in place, as well as it hopes to break the “ financial hegemony” and reshape the world’s financial system.
“We believe that in the near and long term, stablecoins will progressively replace traditional fiat currencies in countries around the world, and bring a new and balanced standard of the digital economy,” Binance co-founder, Yi He, told The Block.
She added: “We hope to achieve a vision, that is, to reshape the world financial system, allow countries to have more tangible financial services and infrastructures, protect their financial security and increase the economic efficiency of countries.”
Venus is an open blockchain project to develop “localized” stablecoins and digital assets pegged to fiat currencies, according to an English version of the announcement. “Binance will provide full-process technical support, compliance risk control system and multi-dimensional cooperation network to build Venus, leveraging its existing infrastructure and regulatory establishments,” it added.
Binance further said that it welcomes more governments, companies and organizations with “strong influence” on a global scale to collaborate with it for the Venus initiative.
Facebook’s planned cryptocurrency, Libra, also has a similar structure. It intends to serve the unbanked and facilitate low-fee money transfers globally. Libra is expected to go live sometime next year, but it has already faced scrutiny from central banks and politicians around the world. Facebook has itself recently said in a risk disclosure filed with the Securities and Exchange Commission that Libra may never launch due to “significant” regulatory scrutiny.
Binance today said that it believes that Libra is growing at an “exponential rate” and will reshape the world financial system, bringing changes more than the Internet. “Instead of resisting change and losing the opportunity, it is better to embrace change. […] At the same time, ‘Libra’ needs to be developed in an orderly manner under the regulatory framework,” the exchange added.
After the publication of this story, Binance CEO Changpeng Zhao (“CZ”) tweeted that while Venus would help to push cryptocurrency adoption, it does not look to dominate Libra. “Always happy to co-exist. In fact, this should help Libra, if you think about it. Will leave it at that.”
Zhao’s tweet hints that Venus could focus on countries where Libra won’t be allowed, such as China or India. Facebook recently confirmed that it wouldn’t launch Libra where there are local restrictions.
Earlier this month, The Block reported that retail giant Walmart could also be working on issuing a USD-pegged stablecoin, similar to Facebook’s Libra cryptocurrency.
Some statements in the story are translated from Chinese.
|RecommendKeepReplyMark as Last Read|
|From: Glenn Petersen||9/23/2019 11:52:56 AM|
|Binance Makes Its U.S. Move |
September 23, 2019
Ryan Duffy Emerging Tech Writer
This morning, Binance.US launched a digital assets marketplace. As you've probably guessed, it's the U.S. arm of Binance, the world's top crypto exchange by trading volume. BAM Trading Services operates Binance.US, which licenses Binance's trading and wallet tech.
The details: Binance.US launched account registration on Sept. 18. To receive verification, users must give their government-issued ID and social security number and pass know-your-customer checks. Trading for verified Binance.US users begins tomorrow at 9 AM ET.
The exchange supports fiat-to-crypto and crypto-to-crypto trading. Initially, Binance.US is listing bitcoin (BTC), Binance's native token BNB, ethereum (ETH), Ripple's XRP, bitcoin cash (BCH), litecoin (LTC), and tether (USDT). It supports deposits for five more assets and is considering listing an additional 17.
Binance's global riseBinance has built its brand by listing more digital assets than the competition and focusing on crypto-to-crypto trading. In a press release, Binance CEO Changpeng Zhao (better known as CZ) said Binance.US will "open a new key gateway" into the U.S. market.
But it's entering a crowded field.
A big competitor is Coinbase, which has focused on compliance first and expansion of services, supported assets, and trading options second. By comparison, Binance has played regulatory hopscotch and targeted its product to seasoned traders. But it's been embracing compliance to curry favor with institutional buyers and expand to new markets.
To jumpstart onboarding, Binance.US is offering free trades until November 1 and a $15 r eferral bonus for each new signup. It's also hoping to bank on Binance's worldwide recognition and tech chops to draw in new users.
But the roll-out is limited. Though Binance.US has the approval of most regulators, it's not available in 12 states, including New York, Texas, and Florida.
|RecommendKeepReplyMark as Last Read|
|From: Glenn Petersen||11/18/2019 9:58:48 AM|
|The inside story of Binance’s explosive rise to power|
How Binance escaped China, rode the Bitcoin bull, made half a billion dollars in one year and plans to revolutionize money.
By Tim Copeland
Nov 16, 2019Nov 17, 2019
NEW YORK—Not too long ago, I was shacked up in a cheap hostel, in Manhattan. The window was open to counteract the heat of the stiff radiator, which couldn’t be turned off on a hot day in May. My colleague was nowhere to be seen and I’d just received a shocking message about Binance, the largest crypto exchange in the world.
That afternoon, the exchange had been hacked. It had lost 7,000 bitcoin, which was then worth a staggering $40 million.
Crypto exchange hacks are all too common in this world. There have been hundreds of such thefts, with that swindle taking the total of all money lost at all crypto exchanges to $1.35 billion. Until now, Binance had withstood the barrels of attacks, but this sudden breach triggered it to effectively shut up shop for an entire week—an eternity in crypto. And though Binance offhandedly covered the $40 million out of its rainy-day fund, the damage to its reputation had already been done.
“At that moment, I was truly shaken. It was from that sting in having that streak broken,” Binance’s chief growth officer, Ted Lin, told me later, in an interview. Lin, who’s been at the young company since its early days, added: “It was a watershed moment.”
Binance was just two years old, and while this was hardly fatal, it was not only a watershed moment but a blow to one of the fastest rising companies in crypto. It had taken the company a scant eight months in 2017 and early 2018 to become the most active exchange in the world. At the peak of the crypto bubble, Binance said its 7.9 million users were trading some $10 billion daily. Well after that bubble, it now has more than 10 million users, 600 employees, and made $500 million in profits in its first year alone. (Binance is not a public company but—for the first year at least—it claimed it burned 20 percent of its monthly profits in its native BNB token, which it reports. So people calculated backwards to estimate profitability.)
Forget the tech giants of old—the speed of crypto success stories, like Binance, puts crypto businesses in a league of their own.
But as I sat there sweating in that nasty little hovel in NYC—after knocking out a breaking news story on the hack so quickly I misspelled Bitcoin in the headline—I thought about how little was known about Binance.
I knew that the exchange was run by its charismatic founder Changpeng Zhao, 43, adored by his 450,000 Twitter followers as “CZ.” I knew that he had founded it in Shanghai—and that then, almost overnight, it had disappeared onto the telecosm, as stateless and decentralized as true crypto itself.
I also knew tons of little facts and figures from having written a slew of stories about the place. But it still didn’t add up for me. How was it possible that the biggest exchange in the world could move billions of dollars in trades a day, and it didn’t have an ostentatious “campus” in Palo Alto? How could it shrug off a $40 million heist as simply a learning experience? And as one of the most important companies in crypto, where was it headed?
Over the next few months, I interviewed as many current and former employees, from Zhao on down, as I could.
What I discovered was that the world’s biggest crypto exchange isn’t so much a formal company as it is an underground rebellion—a repudiation of the legacy financial system. As Zhao once told an interviewer, his exchange wants to “make a difference to the world and use crypto to do the good things. It’s also about spreading crypto, or the freedom of money.”
Binance’s big idea—“freedom of money”—means that the exchange hopes to help anyone, anywhere, easily send money to each other around the world.
It’s a lofty goal, and really, that’s just the start. If Binance succeeds, it’ll make history and could even become a financial layer embedded into the Internet itself—but, like everything else in Binance’s history, it will surely be a struggle.
The risk takerOne night in August, 2013 would fundamentally change Zhao’s life. He was playing poker in Shanghai with two of his friends, BTCC Bitcoin exchange founder Bobby Lee and Ron Cao, who was then a partner at Lightspeed Ventures. Cao kept saying something that sounded like, “Bit Coin,”—Cao said it as two separate words.
It was the first time Zhao ever heard of it.
“You should do a startup in Bit Coin, or blockchain,” he heard Cao say.
Then, Lee advised: You should put 10 percent of your net worth into it. If it goes to zero, you lose 10 percent. There is a higher chance it will go 10X, and you double your net worth.
He wasn’t joking. And Zhao was intrigued. He ended up raising him one: A short time later, he sold his house for $1 million and put it all on Bitcoin. BTC was then selling for $600 a coin. Zhao told Decrypt he still hasn’t touched it—despite Bitcoin's price dropping as low as $200 at times. That nest egg is now worth $17 million.
The man has never been risk averse.
He was born in Shanghai to a high school teacher and a professor. He moved with his family when he was a child to Canada, where he was raised. He received an undergraduate degree in computer science at McGill University, in Montreal, and from there, went off in search of his fortune, treating the world as one giant playground—rather than individual countries marked by irksome borders.
Zhao started in Tokyo, matching trade orders on the Tokyo Stock Exchange for four years, before moving to New York to work for another four years at Bloomberg’s Tradebook, on its futures trading offering. He returned to Shanghai in 2005 to start his own company, Fusion Systems, which built high-performance trading software for global banks. He had spent eight years there when he started investing in Bitcoin.
Even though Zhao's Bitcoin holdings remained in the red, he was convinced that crypto was the future. He learned more and more, pulled short stints at crypto wallet provider Blockchain, and crypto exchange OKEx, and began to think about starting his own exchange.
First though, he came up with an intermediate step: he launched his second company, Bijie Technology, which made cloud-based exchange software.
Cloud computing was just getting off the ground, and giants such as Amazon, Microsoft and Google were convincing companies to ditch their local servers and run their businesses remotely, on their giant server farms. By 2011, the New York Stock Exchange was offering cloud-based, software-as-a-service for its clients, who were running high-performance trading systems.
Soon, many exchanges would follow suit. At its peak, Bijie supplied 30 exchanges with cloud-based exchange software. But Zhao was thinking bigger.
ICO feverNearly four years after getting into Bitcoin, on June 14, 2017, Zhao was dining with a who’s who of the Asian crypto community, including Neo founder Da Hongfei and Monaco (now Crypto.com) founder Kris Marszalek, in Chengdu, China. The discussion concerned initial coin offerings—startups were getting funded on the strength of little more than a good idea, a white paper and by issuing their own token.
Zhao knew, in general, what ICOs were. But as he heard the men talk, he realized this was how he’d launch his crypto exchange.
He left the dinner full of excitement and quickly hammered out a whitepaper, in English and Chinese, laying out the idea for Binance. The name is a portmanteau of “binary” and “finance,” to highlight that there were now two types of money in the world: crypto and fiat. Zhao would build the exchange to handle crypto-to-crypto trades only, circumnavigating the stringent regulations—and cost—that come with handling fiat money.
“With your help,? Binance will build a world-class crypto exchange, powering the future of crypto finance,” the whitepaper promised.
All it needed was its own token.
A token is born
People bought tokens in an ICO based on the promise of revolutionary new technology. But Binance had real, working code: Binance would be the first crypto exchange built on Bijie’s exchange-in-the-cloud software.
In fact, while the token raise was underway, Bijie—the entire company—simply pivoted from being a software provider to being a crypto exchange in the cloud. And changed its name to Binance.
In just two weeks, investors bought into the token sale, which raised $15 million by July 2. Trading of its new token, BNB, would go live in twelve days.
The staff of 30 was still holed up in the erstwhile Bijie office. Employees remember it as being utterly devoid of personality. Its walls were whitewashed and it was so small that people ate at their desks—there wasn’t a lunchroom. The office had “no beauty about it at all,” recalled Lin.
Though bottles of champagne were readied for the exchange’s launch, they were never popped. Almost from the moment it launched, Binance seemed like it would be a disaster.
Investors who bought up Binance Coin believed that it would see 5-10X returns. Instead, when it launched on July 25, 2017, it quickly lost 20 percent of its value.
“It was the highest pressure period of my life,” Zhao told me recently. He tried everything, from listing more altcoins on Binance, to livestreamed Ask-Me-Anything videos, to attract attention to the exchange. He even tried to buy up the coin with his own money, to no avail.
On August 8, Yi He, 33, born in China's Sichuan province, joined Binance as a co-founder and CMO. Zhao knew her from OKcoin—she was the one who persuaded him to come onboard the crypto exchange as CTO. Later, she was vice president of Yixia Technology, a $2.8 billion platform for sharing mobile videos. A natural-born entrepreneur, after a year in that role, she created the live-streaming platform “Yi Zhi Bo,” which was later acquired by Weibo.
At the time, she said, in a blog post, “This world is crazier than you think, and I am part of this crazy world. Therefore, I would like to go back to my battlefield, join Binance, in order to complete my mission.”
The day He came onboard, the price of BNB awoke, and blew up 1,800 percent in just two weeks, rising from $0.13 to $2.45. But Binance’s problems were hardly over.
Binance's escape from ChinaAt this time, the media was blowing plenty of hot air into the growing crypto bubble. Binance couldn’t hire people quickly enough. And when it did find someone to hire, it had nowhere to put them, with three tiny desks for every five people. Zhao said: “It was a cramped office, but very high energy. Everyone was yelling and screaming over each other.”
Then, in late August, Zhao began to hear rumours that the Chinese government had its eye on crypto exchanges, including Binance. That was not a good thing.
Sometimes, Internet companies that attracted the unwanted attention of the Government were “invited to tea” where the situation was ironed out with officials. “There was never any official communication at all,” said Zhao. “It was mostly rumours and more rumours. But the rumours were getting intensive enough we figured there was probably something material.”
He could shut Binance, and let customers withdraw all their money. Or he could take his exchange, and run.
But this wasn’t the Great Escape. If you had been watching Binance’s office, you wouldn’t notice anything out of the usual. People continued to clatter away at keyboards in a cramped office. But what they were doing, was escaping—moving all of Binance’s cloud operations over to Amazon Web Services (AWS), headquartered in the U.S., far beyond China’s Great Firewall.
At the time, Binance had more than 200 cloud-based servers, hosted by the Chinese conglomerate, Alibaba. Its great escape wasn’t dangerous. But it was technically difficult and time consuming. “Some people joked that if we moved the servers by airplane it would probably take the same amount of time,” Zhao said.
Finally, on the night of August 29, the team pushed itself to the limit and got everything uploaded to AWS. By morning light, they were finished.
Zhao said he then moved his team out of Shanghai, “as fast as we could. Some of them were Chinese nationals and required visas, so it took a bit of time to organize.” Others had never been outside of China. “It was a challenge,” he said.
They decamped to Japan, a country that had legalized crypto earlier that year, where Zhao believed his “basic Japanese” would help get things underway.
Riding the Bitcoin bull run
From September to December, 2017, the price of Bitcoin soared, from $3,000 to $20,000—an astonishing 570 percent. People were queueing up to get into crypto exchanges as if they were Walmart shoppers on Black Friday.
The chaos on the outside was mirrored by the mayhem on the inside.
“It was one of those rushes you’re just not prepared for. It was beyond our imagination, this inrush of popularity,” said Lin.
The biggest problem was that Binance couldn’t let just anyone onto its trading platform. All new users had to be ID’d at the door with a time-consuming process called know-your-customer (KYC) protocols. And that created a huge backlog, as well as related support work.
“At one point, we had 45,000 pending KYC applications, with a constant stream of new applicants rolling in,” recalled one early Binance staff member.
“I had to take some of the customer calls myself,” said Lin. “If there were additional tickets that overflowed into non-English speaking members, any of us who could help translate would jump in and help. It was a startup-scramble mode.”
The few that made it into the exchanges pushed trading volume to record levels. At the peak, daily trading volume across all exchanges and coins reached $60 billion; Binance saw $10 billion change hands on one, gorgeous, record-setting day.
While this was cause for celebration, there was a flipside. The exchange had grown so big and was holding so much money, it now had a giant target on its back.
Cancelled in Japan
All bubbles must pop, and when this one did, it was in some ways good news: Things started to settle down at Binance into a pleasant, workable rhythm.
But on the night of March 7, 2018, some of the exchange’s remote workers were having drinks in a bar some distance from the Tokyo office. Zhao happened to be passing, so he joined them. And suddenly, Binance phones started buzzing.
“It was nearly midnight when the first reports of irregular trading activity started flowing in,” one employee who was working operations later told me. “I notified the others immediately.”
Hackers had created fake Google ads to trick users into entering their Binance login details on fake websites. They then drained those accounts, and bought up the bargain coins using other Binance accounts, in an attempt to hide their tracks.
The Binance team moved quickly and were able to stop the coins from leaving the exchange by shutting off the attackers’ withdrawals. Then they were able to roll back the trades to reimburse the affected users.
No money was ultimately lost.
But reputation was. Bad press followed, and two weeks after the hack, the Japanese Financial Services Authority demanded that Binance get an exchange license. The license would carry strict restrictions—including limiting the number of different coins that could be traded on the exchange.
That was a non starter, so once again, the team took flight.
This time, Zhao decided to make the relatively regulation-free island of Malta its home. Malta’s Prime Minister himself, Joseph Muscat— welcomed Binance to the island, which was attempting to become a crypto haven.
The company “officially” moved to Malta.
Only it didn’t, not really.
Binance’s disappearing act
There was no need for any employees to go to Malta. Zhao realized that his people could live wherever they liked. According to Zhao himself, at this point, Binance was not based anywhere.
Employees wanted to work from home, and remotely. “We were growing internationally, we had users in every country,” Zhao said. “It was a growing trend to have people work in distributed locations.”
The diaspora began. After experimenting with various messaging apps, employees ended up using messaging apps, including Telegram—which is popular in the crypto community and has no limits on group chats. Employees started organizing workflows, events, almost everything through the apps. It was a decentralized business run by a distributed company, true Web3 mechanics.
“Experimenting with a distributed team first hand, we found it was an edge. It’s not perfect in how fast we can communicate, but it’s an optimization between efficiency and being effective by being close to the market and time zone we want to serve,” said Lin.
But it put a strain on the employees. The exchange was up 24 hours a day— and so were some of the more obsessive employees. “It’s very hard to organize everything. To do all this, someone has to sacrifice their night-time or early morning time,” said Ella Zhang, head of Binance Labs. It was common for staff to work at all hours, taking naps when they couldn’t stay awake any longer.
Although this radical way of operating took its toll, it enabled Binance to adapt to the round-the-clock demands of the crypto market, and capitalize on it.
That which doesn’t kill us makes us strongerThe hackers that hit Binance in Tokyo were nothing compared to the hack that occurred early on the evening of May 7, 2019.
The hackers had used multiple techniques, including phishing (like in the first attack in March, 2018) and viruses to gain control of several user accounts. One transaction managed to bypass Binance’s pre-withdrawal checks; it nicked 7,000 bitcoin from Binance’s “hot wallet.”
Once that “trade” happened, alarms went off.
The tech team immediately paused withdrawals to try to stop the bleeding. They decided to keep trading going, figuring that without withdrawals, the damage would be contained. At the same time, they focused on preventing the hacker from continuing to attack the system.
The team phoned Zhao, waking him up at 2 a.m. in Singapore. He was shocked, swore a little, but after a few seconds, he calmed down. “We have a simple script,” he told me later. “Stop the bleed, prevent, review, communicate, fix, relaunch—that’s how we handle it.”
After the breach was contained, Zhao announced that Binance would close for an entire week. Anyone on the exchange could keep trading, but nobody would be able to bring new money onto the exchange—or take any out.
For the first four days, a SWAT team of 40 people worked through the night making fixes and upgrading the security of the exchange, while mostly ignoring the Ikea beds that had been rolled into makeshift offices around the world.
The hackers have yet to be found and the investigation is ongoing. “We believe it was a large group effort. Extremely sophisticated,” Zhao said, adding, “We are still working with multiple law enforcement to try to track some of those people down.”
The DAO of Binance
Binance has been insanely busy these past 12 months. Every day brings a new announcement: First leverage trading, then margin trading. Now, lending services, staking rewards and peer-to-peer trading. For its piece de resistance, it partnered with a U.S. entity, led by former Ripple executive Catherine Coley, to launch an American outpost. Binance.US opened an office in San Francisco, not far from its local rival Coinbase, and trading started on September 24.
In a research paper last week, Tushar Jain, managing partner at Multicoin Capital (which invests in BNB tokens, among other things) described the frenetic pace as an example of what the Silicon Valley VC, Reid Hoffman, calls “ blitzscaling.” Hoffman says that’s what happens when a great first-mover startup rapidly scales up its global business.
Jain pointed out that Binance launched a dozen “major” products in Q3 alone, outpacing the combined output of its 12 biggest competitors.
“While each of these products and initiatives have been significant on their own, no one to date has zoomed out and put the pieces together,” he wrote. “Binance is strategically building something much bigger than a crypto exchange: They are building the future of finance. We believe the market has yet to fully understand the objectives of this strategy. Binance is not just an exchange anymore, and it’s well on its way to not being just a company either.”
So, what exactly is it becoming?
For a start, Binance is on its way to becoming a decentralized exchange (DEX), where the exchange would exist independently of the Binance company, hosted by thousands of computers around the world. A reliance on centralized servers in one country or another would be replaced by a censorship-resistant exchange open to all, albeit with the Binance team continuing to update its code.
Beyond this, Jain and others think Binance DEX might go so far as to detach itself completely from the remaining shell of Binance, and Zhao himself. Binance would then become a self-maintaining exchange—kept running by a decentralized autonomous organization ( DAO).
"I believe Binance will become a DAO in that it will be a user owned and operated financial services platform,” Jain told me. “Exchange services are just the first financial service Binance provides. But they are clearly more ambitious and looking at a much larger market."
As a DAO, the decentralized exchange would operate on its own, outside the reach of any government, as a kind of global public service. It would finally disappear into the folds of the Internet, an—if not the—essential “neobanking” component of Web3, finally giving people true freedom over their own money.
On becoming irrelevantIndeed, Zhao seemed to flick at all that the last time I saw him. It was late this summer, at Binance’s first London meetup at Canary Wharf, in the heart of London’s financial district. It was an apt setting for a financial revolution: The meet up was held on the 39th floor of a building that literally looked down on the surrounding skyscrapers that bore the names of the titans of the legacy financial world—HSBC, Barclays and J.P. Morgan, among them.
Zhao, bespectacled as usual, and wearing a Binance T-shirt, took to the stage with a stack of business cards. The only things about him that screamed “billionaire,” rather than “intern,” were the thick bodyguard standing nearby and a chorus of hundreds of screaming fans.
He decreed that one day Binance DEX will become bigger than other major exchanges, even Binance itself. “I do want to help Binance to become a company that will last 50, or 100 years, or even more,” he said. “But at the same time, I do hope I can make myself irrelevant.”
Obviously, that will be both challenging and not without risk.
But that’s nothing new to Binance.
|RecommendKeepReplyMark as Last Read|