Did binance hackers exploited with Zombieload flaw

Welsh

staff

Activity: 3304

Merit: 4115

Quote from: Pmalek on September 15, 2019, 02:31:40 AM

Or could they maybe have been tipped off by a rogue employee who knew about their hardware setup?!
I didn't investigate the last Binance hack but has anyone from their development team been suspected or questioned?

Assuming that the Binance "hack" was a rogue employee the public probably wouldn't be informed that there was an investigation going on. Plus, internally it might not be known that there's an investigation going on. If it was a rogue employee you want them to get complacent, and leave a fingerprint somewhere whether that's digitally or physically If they know there's a investigation going on they could potentially be a little more smarter on how they go about things.

You'll be surprised in even the biggest heists how people get complacent.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: teramit on September 14, 2019, 09:09:03 AM

Hackers learned hardware flaw and cryptocurrency exchanges are best way use this hack so it happened. Shocked

when you heard about a hardware flaw check biggest cryptocurrency exchanges at that days you ll find something Wink

Or could they maybe have been tipped off by a rogue employee who knew about their hardware setup?!
I didn't investigate the last Binance hack but has anyone from their development team been suspected or questioned?

TalkStar

copper member

Activity: 1204

Merit: 737

✅ Need Campaign Manager? TG > @TalkStar675

Quote from: achow101 on May 15, 2019, 02:07:31 PM

In the binance hack, the attackers did not gain access to the servers themselves but rather abused API keys and other user information in order to construct and authorize a transaction that shouldn't have been authorized.

Yeah it can be the proper explanation of recent binance hack. Getting access on main server was the old entrance for hackers and now they are running after API.

It's really unexpected to hear this kinda hacking attempt news continuously. Crypto currencies are running with world's most secure technology but trading platforms are suffering the issue of hacking again and again. It's not something like that exchanges are not careful enough about their website security but hackers are using every tiny hole to reach their target.

There is no way to deny that its high time for exchanges to strengthen their entire system before getting another massive attack soon.

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Zombieload would require getting the binance servers to access a web-page that had the exploit unless they have some of the worst programmers in the world there is no way to remote inject the code to the server. As of now there have been no successful remote exploits of it.

There were a few discussions @ DefCon this summer about Zombieload, Meltdown, etc.
For the most part it's still the desktop end that suffers.
User with access goes someplace they should not, gets hit / infected / leaks something.

Servers are still hit mostly with attacks against the OS / PHP / .net / etc vulnerabilities.

-Dave

teramit

legendary

Activity: 1877

Merit: 1396

The Last Cryptocoin Burner

i recently learned from internal source it was probably like i said. Hackers learned hardware flaw and cryptocurrency exchanges are best way use this hack so it happened. Shocked

when you heard about a hardware flaw check biggest cryptocurrency exchanges at that days you ll find something Wink

keychainX

member

Activity: 378

Merit: 53

Telegram @keychainX

Quote from: teramit on May 15, 2019, 11:55:24 AM

Recent flaw shows intel cpus are not safe for servers , this kind of information is a benefit for hackers and nearly same days binance hacked, which an exchange known by its security, only way to breach is using an unknown breach so i think they used this flaw and get info from server.Probably binance updated its servers for this flaw and it will not be a threat again but gone is gone Undecided

https://www.theverge.com/2019/5/14/18623708/zombieload-attack-intel-processors-speculative-execution

Most probably it was an internal scr3w up, with their segwit upgrade.

read this
https://www.finder.com.au/binance-may-have-accidentally-burnt-40-million-in-segwit-migration

/KX

achow101

staff

Activity: 3458

Merit: 6793

Just writing some code

No, probably not. Exploiting any speculative execution vulnerability requires executing malicious code on the target machine. In the binance hack, the attackers did not gain access to the servers themselves but rather abused API keys and other user information in order to construct and authorize a transaction that shouldn't have been authorized.

teramit

legendary

Activity: 1877

Merit: 1396

The Last Cryptocoin Burner

Recent flaw shows intel cpus are not safe for servers , this kind of information is a benefit for hackers and nearly same days binance hacked, which an exchange known by its security, only way to breach is using an unknown breach so i think they used this flaw and get info from server.Probably binance updated its servers for this flaw and it will not be a threat again but gone is gone Undecided

https://www.theverge.com/2019/5/14/18623708/zombieload-attack-intel-processors-speculative-execution

Topic: Did binance hackers exploited with Zombieload flaw (Read 383 times)