Binance, the world’s largest cryptocurrency exchange by trading volume, has announced a $10 million bounty fund dedicated to catching hackers and preventing future attacks on its platform. The aggressive move comes just days after a sophisticated phishing-driven attack attempted to manipulate the price of Viacoin through compromised user accounts — an attack that Binance ultimately thwarted, leaving the perpetrators with losses rather than profits.
TL;DR
- Binance is offering a $250,000 bounty in BNB tokens for information leading to the arrest of hackers behind the March 7 attack
- The exchange has allocated $10 million in crypto reserves for future bounty rewards
- The March 7 attack used phishing and homograph domains to compromise user accounts
- Binance’s automated risk management system detected the attack within two minutes and reversed all fraudulent trades
- The exchange has invited other crypto platforms to join its bounty initiative
The March 7 Attack: How It Unfolded
The attempted heist began with a long-running phishing campaign targeting Binance customers. Attackers employed a technique known as a homograph attack — registering domains that used Unicode characters to create website addresses nearly indistinguishable from the legitimate binance.com. The only visual difference was two dots beneath certain characters, a subtlety that most users would never notice. Victims who entered their credentials on these spoofed sites effectively handed over their account access to the attackers.
The actual attack window lasted approximately two minutes on March 7. Using custom-created API keys linked to the compromised accounts, the hackers executed a flurry of automated transactions involving Bitcoin and Viacoin. The strategy was straightforward: instruct the compromised accounts to sell BTC and buy VIA, driving up the price of Viacoin artificially. Simultaneously, 31 accounts that the attackers had预先 created and pre-loaded with VIA tokens were positioned to sell at the inflated price, effectively transferring Bitcoin from the phished accounts into the attackers’ control.
Binance’s Risk Management System Saves the Day
The plan might have succeeded on a less vigilant platform. But Binance’s automated risk management system detected the suspicious trading pattern almost immediately. The exchange blocked all withdrawals, reversed the fraudulent trades, and froze the coins that the attackers had deposited into their 31 accounts. In a remarkable twist, the hackers actually lost money on the attempt — their own funds were trapped alongside the reversed trades.
“To ensure a safe crypto community, we can’t simply play defense,” Binance stated in its announcement. “We need to actively prevent any instances of hacking before they occur, as well as follow through after-the-fact. Even though the hacking attempt against Binance on March 7th was not successful, it was clear it was a large-scale, organized effort. This needs to be addressed.”
A $10 Million War Chest
The centerpiece of Binance’s response is the bounty program. The immediate reward of $250,000, payable in BNB tokens, is offered to anyone who provides information leading to the legal arrest of the hackers responsible for the March 7 incident. Beyond that, Binance has committed the equivalent of $10 million in cryptocurrency reserves for future bounty awards against any illegal hacking attempts on the platform.
The exchange has also extended an invitation to other cryptocurrency businesses to join the initiative, signaling a broader industry-wide approach to security. Whether other exchanges will follow suit remains to be seen, but the precedent is significant. At a time when the cryptocurrency space was still reeling from the $530 million Coincheck hack in January, Binance’s proactive stance represented a departure from the typically reactive security posture of most exchanges.
Exchange Volume Manipulation Raises Further Concerns
The Binance incident was not the only security concern making headlines on March 13. Independent researcher Sylvain Ribes published a damning analysis suggesting that some of the largest cryptocurrency exchanges may be significantly inflating their trading volumes. Ribes’ methodology involved measuring slippage — the difference between expected and actual trade execution prices — across multiple platforms. His findings indicated that OKex, one of the highest-volume exchanges, exhibited slippage rates of 1 to 4 percent on market sell orders, suggesting that the reported volume was not supported by genuine trading activity.
According to Ribes’ analysis, over $3 billion in daily trading volume across major exchanges could be fabricated. The implications are particularly concerning for tokens like Litecoin and Bitcoin Cash, where as much as 75 percent of reported volume was concentrated on exchanges flagged for suspicious activity. OKex alone reportedly accounted for more than 30 percent of both currencies’ total volume, raising serious questions about price discovery and market integrity.
Why This Matters
The events of March 2018 highlighted two critical vulnerabilities in the cryptocurrency ecosystem: the persistent threat of targeted attacks on exchanges and the broader question of market integrity. Binance’s $10 million bounty program represented a watershed moment — for the first time, a major exchange was not just defending itself but actively going on the offensive against hackers. The exchange’s success in thwarting the Viacoin attack demonstrated that automated risk management systems could be effective, but the sophistication of the phishing campaign also showed that attackers were becoming more resourceful. Meanwhile, the volume manipulation allegations underscored a fundamental trust problem in cryptocurrency markets that would take years to address through improved regulation and transparency.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency markets are highly volatile. Always conduct your own research before making investment decisions.
10M total bounty fund from the biggest exchange in the world. good start but barely moves the needle for sophisticated attackers
reversing all trades in under 2 minutes is insane response time. most exchanges would still be checking server logs 48 hours later
$250K bounty feels low for catching someone who tried to manipulate an entire market. glad Binance had the risk engine to stop it though
Marta its $250K per tip, the $10M is the total fund. still low for what theyre protecting but its not a one time payout
2 minutes is wild but also kind of terrifying. what happens when the response system doesnt catch the next one fast enough
of all the coins to try a pump and dump on they picked viacoin. not exactly the most liquid target for that play
homograph domains are scary effective. looked at one of those fake binance urls side by side with the real one and literally could not tell the difference
homograph attacks work because unicode is a mess. browsers still havent fully solved this and its 2026