Per Binance, hackers employed a variety of tactics including phishing and viruses to obtain a large number of 2FA codes and API keys in addition to other information.
In a letter on Binance’s website, CEO Changpeng Zhao states that the bitcoins were withdrawn from its hot wallets, which contain only 2% of the exchange’s total bitcoin holdings. Zhao states that Binance’s other wallets are unaffected.
Binance will suspend all deposits and withdrawls while it conducts a security review on its systems, which Zhao estimates will take up to one week. Trading will still be active and traders will be able to adjust their positions. Zhao states:
“Please also understand that the hackers may still control certain user accounts and may use those to influence prices in the meantime. We will monitor the situation closely. But we believe with withdrawals disabled, there isn’t much incentive for hackers to influence markets.”
Zhao adds that he will conduct a Twitter AMA in a couple of hours to field questions from the community.
Binance will use its Secure Asset Fund for Users (SAFU) to cover the incident. The exchange created the fund in July 2018 as a type of emergency insurance. Binance allocates 10% of its total trading fees to finance SAFU.