Eagle-eyed analysts at London-based research team, Coinfirm, are tracking the stolen bitcoins, and have found the hackers have now spread them across seven digital wallet addresses.
Hackers first split the coins and put them into separate wallets as they worked to cover their tracks.
— Coinfirm (@Coinfirm_io) May 8, 2019
They then worked to move them through a spider's web of wallet addresses in an attempt to hide their trail.
Now, Coinfirm has found the stolen funds have been placed in seven separate anonymous digital wallets.
After we documented the movement of some yesterday(orange) all of the funds 7070.9 BTC ($41.8m) were moved to 7 new addresses(red) pic.twitter.com/4vzVFRb7F4
— Coinfirm (@Coinfirm_io) May 9, 2019
While identities of the hackers currently remains unknown, the trail is far from cold.
Before the stolen coins can be converted to fiat they need to pass through a cryptocurrency exchange, which - normally - require customers to give details of their identity.
Weak KYC could allow hackers to profit
However, Coinfirm believes hackers will exploit a lack of regulation and weak know your customer (KYC) rules to exploit the system and complete their heist.
Pawel Alexsander, chief information officer at the firm, told Reuters:
Exchanges are obliged to have KYC (know-your-customer) processes in place. In practice, many of them do not do this properly. People can open fake accounts, and deposit the funds to that account.”
#Binance Security Incident Update
— Binance (@binance) May 10, 2019
Pledging to leave "no stone unturned", Binance is working to correct the security breach of its hot wallet, as multiple security teams try and track down the hackers and freeze the stolen funds.
Updating its blog, founder Changpeng Zhao said:
We are also working closely with many exchanges and other service providers to freeze the stolen funds.
We are still investigating all other areas of the system to ensure no stone is left unturned.
Furthermore, we are working with a dozen or so industry-leading security expert teams to help improve our security as well as track down the hackers.
Many security and blockchain analytics firms are actively helping us track the stolen funds.
Embarrassment for Binance
A massive embarrassment for the exchange, the theft represented about 2% of Binance's total value, and the firm even mused the potential of rolling back the entire bitcoin network to recover the funds.
Customers' money is guaranteed under Binance's Secure Asset Fund for Users (SAFU), but the company has taken a massive hit to its reputation.
Shutting down all deposits and withdrawals from the platform was a priority, as it works to improve security and make sure hackers can't repeat the attack.
Tentatively, we are looking to resume withdrawals and deposits early next week. We still have a large number of tasks and tests to do, and we are working around the clock on it.
While the bitcoin price was largely unaffected by the news, the breach shocked investors.
It is a blow to Binance following the high-profile launch of its decentralized exchange and fiat-to-crypto services and Michael Novogratz, billionaire CEO of digital assets merchant bank Galaxy Digital, thinks it could lead to tighter regulation of the space.