Maltese cryptocurrency exchange Binance was the victim of a ransom request from a scammer who claimed to have violated KYC (Know Your Client) data from thousands of its customers.
An unknown attacker threatened the world’s largest cryptocurrency exchange in volume to release KYC information to 10,000 users if the company did not pay 300 bitcoins, which is equivalent to almost $ 3.5 million at today’s exchange value.
Although the hacking has not yet been verified, several photographs of people with their identity cards, such as passports and voter identification cards, were distributed through various online channels.
In response to the incident, Binance just released an official statement today confirming that “an unidentified person threatened and harassed us, asking for 300 BTC in exchange for denying 10,000 photos that look like Binance KYC data.”
Binance said the company was still investigating the legitimacy of these images and refused to pay the ransom, and as a result, an unknown person behind the application began to disseminate data on the Internet and in the media.
It seems that the attacker created the Telegram group, which has already attracted more than 10,000 people and shared more than 400 images of people with passports and identification documents from France, Turkey, the USA, Japan, Russia, and other countries around. in the world.
However, according to Binance, the images published in the attacker’s Telegram group do not have a digital watermark used by the exchange for internal information, which raises doubts about its authenticity.
Binance also adds that his initial analysis of image leaks shows that he appears to date from February 2018, when the exchange “contracted a third-party vendor to verify KYC to manage a large number of requests at that time.”
“We are currently conducting an investigation with a third-party provider for more information. We are continuing the investigation and will keep you posted, ”the company adds.
“We have contacted the competent law enforcement agencies, and we will work closely with them to bring this person to justice.”
In addition, the exchange also offers a reward of 25 bitcoins worth more than $ 290,000 to anyone who provides information regarding the identity of the blackmailer.
Binance CEO Changpeng Zhao also tweeted a statement urging users not to fall in love with the “leak of information” from FUD (fear, uncertainty, doubt), saying the company is currently investigating this issue and will update its users soon.