Binance is pursuing legal action against the GitHub user who posted the code and has submitted a takedown request to have the code removed from GitHub. The exchange has noted that it is taking steps to prevent further unauthorized access to its systems.
While a spokesperson for Binance reportedly confirmed that the information “posed a negligible risk to the security of our users, their assets or our platform,” the description of the takedown request showed a slightly different picture. It stated that the code “poses a significant risk to Binance and causes severe financial harm to Binance and user’s confusion/harm.”
Binance’s source code repository has been publicly accessible on GitHub for months, according to a report from 404 Media. According to the report, the exposed code repository contained information that could be used to exploit vulnerabilities in the exchange’s security. It had details about the exchange’s authentication and encryption systems and the relationships between various elements of Binance’s infrastructure. It had scripts and code that appeared to be related to Binance’s implementation of passwords and multifactor authentication. The code even contained comments in both English and Chinese.
The report claimed that some of the passwords contained in the code are for production systems, not development or demo environments.
It’s unclear whether this was the result of a malicious attack or a simple error from a binance employee. However, the leaked data has not been accessed or misused by any malicious entities.
Meanwhile, Binance is reportedly working on developing banking triparty solutions that will enable its users to store their assets in separate custodial solutions. The move comes in response to calls from users for more options. Previously, Binance only allowed users to store their assets on its exchange platform or Ceffu custodian wallet, which the exchange claims is its only institutional custody partner.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
