Binance’s Source Code Leaked on GitHub
Binance, the popular cryptocurrency exchange, had its source code exposed on a public GitHub repository for several months. The leak included sensitive information such as code, infrastructure diagrams, internal passwords, and other technical details.
What Was Found in the Repository?
Journalists at 404 Media discovered a folder labeled ‘binance-infra-2.0’ containing diagrams illustrating the connections between different components of Binance’s dependencies. The repository also contained scripts and code related to password implementation and multifactor authentication. Some of these comments were written in both English and Chinese.
Binance’s Response to the Leak
A spokesperson from Binance confirmed the leak but downplayed its significance, stating that it posed a negligible risk to user security and platform integrity. However, the takedown request filed by Binance painted a different picture, emphasizing that the leaked code could cause severe financial harm and confusion for users.
The spokesperson also mentioned that the leaked code did not match their current production environment.
Potential Impact and Uncertainty
The leaked information included passwords for production systems used by Binance, including Amazon Web Services’ servers. It remains unclear whether the code was intentionally distributed by a third party or if it was accidentally uploaded to GitHub by a Binance employee.
Hot Take: Binance Faces Security Concerns with Source Code Leak
Binance’s source code leak exposes potential vulnerabilities and raises concerns about the security of user assets. While the exchange claims the leak poses minimal risk, the takedown request suggests otherwise. Binance must address this incident promptly and take necessary measures to safeguard its platform and users’ financial interests.
By
By
By
By
By
By