Binance claims GitHub code leak poses ‘negligible’ risk to users

9 months ago 58
ARTICLE AD

The code leak contained cached GitHub repositories with infrastructure diagrams, passwords, and authentication details.

Binance has refuted claims made by a January 31st report from 404 Media in which details of a GitHub code leak were disclosed. According to Binance, the information revealed in the report was outdated and unusable.

The report said that cached GitHub repositories contained infrastructure diagrams, passwords, and authentication details. The report noted that these had been exposed in GitHub “for months” and contained information on Binance’s internal processes for multi-factor authentication.

In January 24, Binance petitioned to remove these through a takedown request, citing how these could cause confusion and financial harm to the exchange and its users. Binance is pursuing legal action against the GitHub user who originally posted the code.

In the request, Binance claimed that these details “[poses] significant risk” and were posted without authorization.

The leak contained “[our client’s] internal code, which poses a significant risk to Binance, and causes severe financial harm to Binance and user’s confusion/harm,” the exchange said in the takedown request.

Binance has since changed its stance, saying that the code is not comparable to production versions of its system. The crypto exchange said the leak no longer risks platform-level security and usability.

According to Binance, the code was scrubbed to alleviate fears over private data leaks and was no longer useful to any malicious third-party actors.

The code leak comes amid growing regulatory challenges for the exchange. The exchange recently entered a plea deal with the US Department of Justice, agreeing to pay $4.3 billion in fines. More recently, victims of an attack by Hamas sued Binance for allegedly assisting sanctioned organizations. These developments come amid the exchange rebounding its revenues and claiming a 52.6% dominance in spot markets.

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Read Entire Article