Binance is not having a good time with hackers lately. The company, which was allegedly hacked and lost some Know Your Customer (KYC) data recently, has just seen its Binance Jersey Twitter account be hacked as well.
An anonymous user known only as @LightningNetwo9 hacked the account claims to be a security researcher. According to him, his motives were not evil, he just wanted to expose how easy it was to take over the account and show that criminals could easily do the same in this situation.
According to him, it would be fairly easy for a skilled hacker to have made a successful attack and to use the profile for phishing scams.
Right now, Binance Jersey has regained control of the profile and deleted the tweets created by the hacker. You can see the deleted links below, originally saved by Coindesk.
It looks like it was mainly someone trying to get a job because he says that he needs work and passes a profile that people should use in case they want to contact him. He also asked the CEO of Binance, Changpeng Zhao, to message him.
Binance Jersey, as you may one, is one of the branches of the crypto exchange, together with Binance Malta, Singapore and Uganda.
The case can highlight how easy it is to take advantage of social media accounts that are not very protected. In these days, you really have to protect your social media accounts very well if you work for a high-profile company such as Binance.
Binance later came back to comment to say they have awarded the white hat hacker with a bug bounty
“We were able to restore the domain name within a few minutes and the Twitter handle a couple of hours later. We will issue a security bug bounty to the white hat hacker, as well as investigate the incident further with our service provider. […] All funds on Binance.JE are safe. No data was compromised.”