Recently, two major cyberattacks targeted users of the popular cryptocurrency exchange Binance and resulted in the theft of tens of millions of dollars worth of the stablecoin Tether (USDT).
The first attack occurred on November 10th when an unknown hacker managed to steal approximately $27 million in USDT from a wallet connected to Binance’s deployer address, according to an analysis by an on-chain analyst. While some speculation arose that Binance’s own smart contracts had been compromised, a spokesperson for the exchange clarified that the stolen funds originated from a Binance user’s withdrawal to an external decentralized finance (DeFi) wallet that was later compromised.
The clever attacker swiftly swapped the stolen USDT for Ethereum (ETH) and proceeded to bridge the funds to itcoin">Bitcoin (BTC) across a network of crypto exchanges in an apparent effort to cover their tracks and launder the stolen money.
In a separate incident disclosed around the same time, Binance’s CEO Changpeng Zhao revealed that executives from an unnamed client were lured to Montenegro under the false pretense of a business trip, abducted, and forced to empty their cryptocurrency wallets for a total loss of approximately $12.5 million in USDT.
The criminals behind this elaborate extortion scheme quickly transferred the stolen Tether to a Tron wallet, but Binance managed to freeze about $11.8 million of it thanks to the assistance of their partners.
While the exact timeline remains unclear, these two brazen cybercrimes targeting Binance clients and involving the theft of many millions of dollars worth of Tether appeared to occur in close proximity to each other in November 2023. Aside from the common themes of stolen USDT and Binance account holders as victims, the two attacks seem to be unrelated based on the available information.
However, they serve as stark reminders that while cryptocurrency offers many advantages, it also carries major cybersecurity risks that users must remain vigilant against.
