
Topic: Did Binance hackers exploit the Zombieload flaw? (Read 383 times)

staff
Activity: 3304
Merit: 4115
September 16, 2019, 10:45:42 AM
#8
Or could they maybe have been tipped off by a rogue employee who knew about their hardware setup?!
I didn't investigate the last Binance hack but has anyone from their development team been suspected or questioned?
Assuming that the Binance "hack" was a rogue employee, the public probably wouldn't be informed that there was an investigation going on. Plus, internally it might not be known that there's an investigation going on. If it was a rogue employee, you want them to get complacent and leave a fingerprint somewhere, whether that's digitally or physically. If they know there's an investigation going on, they could potentially be a little smarter about how they go about things.

You'll be surprised in even the biggest heists how people get complacent.
legendary
Activity: 2730
Merit: 7065
Hackers learned of the hardware flaw, and cryptocurrency exchanges are the best way to use this hack, so it happened. Shocked
When you hear about a hardware flaw, check the biggest cryptocurrency exchanges in those days; you'll find something. Wink
Or could they maybe have been tipped off by a rogue employee who knew about their hardware setup?!
I didn't investigate the last Binance hack but has anyone from their development team been suspected or questioned?
copper member
Activity: 1204
Merit: 737
✅ Need Campaign Manager? TG > @TalkStar675
In the Binance hack, the attackers did not gain access to the servers themselves but rather abused API keys and other user information in order to construct and authorize a transaction that shouldn't have been authorized.
Yeah, it can be the proper explanation of the recent Binance hack. Getting access to the main server was the old entrance for hackers, and now they are running after APIs.

It's really unexpected to hear this kind of hacking attempt news continuously. Cryptocurrencies are running with the world's most secure technology, but trading platforms are suffering the issue of hacking again and again. It's not that exchanges are not careful enough about their website security, but hackers are using every tiny hole to reach their target.

There is no way to deny that it's high time for exchanges to strengthen their entire system before getting another massive attack soon.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Zombieload would require getting the Binance servers to access a web page that had the exploit. Unless they have some of the worst programmers in the world, there is no way to remotely inject the code onto the server. As of now there have been no successful remote exploits of it.

There were a few discussions @ DefCon this summer about Zombieload, Meltdown, etc.
For the most part it's still the desktop end that suffers.
User with access goes someplace they should not, gets hit / infected / leaks something.

Servers are still hit mostly with attacks against the OS / PHP / .net / etc vulnerabilities.

-Dave
legendary
Activity: 1877
Merit: 1396
The Last Cryptocoin Burner
I recently learned from an internal source it was probably like I said. Hackers learned of the hardware flaw, and cryptocurrency exchanges are the best way to use this hack, so it happened. Shocked
When you hear about a hardware flaw, check the biggest cryptocurrency exchanges in those days; you'll find something. Wink
member
Activity: 378
Merit: 53
Telegram @keychainX
A recent flaw shows Intel CPUs are not safe for servers. This kind of information is a benefit for hackers, and around the same days Binance was hacked, an exchange known for its security. The only way to breach it is using an unknown breach, so I think they used this flaw and got info from the server. Probably Binance updated its servers for this flaw and it will not be a threat again, but gone is gone. Undecided
https://www.theverge.com/2019/5/14/18623708/zombieload-attack-intel-processors-speculative-execution

Most probably it was an internal scr3w up, with their SegWit upgrade.

Read this:
https://www.finder.com.au/binance-may-have-accidentally-burnt-40-million-in-segwit-migration

/KX
staff
Activity: 3458
Merit: 6793
Just writing some code
No, probably not. Exploiting any speculative execution vulnerability requires executing malicious code on the target machine. In the Binance hack, the attackers did not gain access to the servers themselves but rather abused API keys and other user information in order to construct and authorize a transaction that shouldn't have been authorized.
legendary
Activity: 1877
Merit: 1396
The Last Cryptocoin Burner
A recent flaw shows Intel CPUs are not safe for servers. This kind of information is a benefit for hackers, and around the same days Binance was hacked, an exchange known for its security. The only way to breach it is using an unknown breach, so I think they used this flaw and got info from the server. Probably Binance updated its servers for this flaw and it will not be a threat again, but gone is gone. Undecided
https://www.theverge.com/2019/5/14/18623708/zombieload-attack-intel-processors-speculative-execution