Cryptocurrency exchange Binance has pledged to reward anyone who contributes to the arrest of the bad actors who attacked the exchange in March 2018 and stole from users in a phishing campaign.
Over a period of months, unknown people created phishing sites that mimicked Binance’s and collected user login details to attempt to access accounts and hack the platform.
The exchange announced Wednesday that it has now awarded a $ 200,000 bounty to private investigators, which it has not identified, for providing a report identifying one of the alleged attackers and providing information on how the attack was carried out.
Binance made the decision to deliver the promised bounty after two individuals held responsible for the phishing attempt were charged by the United States Department of Justice (DoJ) in February, and also sanctioned by the Treasury Department’s Office of Foreign Assets Control. (OFAC) in September.
Binance’s security team had relayed the investigators’ findings to US law enforcement, along with “other information and indicators,” the exchange said. It also works with US agencies to help identify suspects.
The DoJ and OFAC have named Danil Potekhin and Dimitrii Kamasavidi, both Russians, as alleged perpetrators of the phishing campaign. Furthermore, the Justice Department accuses both of them also carrying out similar attacks on the cryptocurrency exchanges Bittrex, Poloniex and Gemini resulting in combined losses of $ 17 million.
A direct attack on Binance by attackers saw no losses from the exchange, according to a blog post at the time.
However, around 566 bitcoins (now worth around $ 8.8 million) were withdrawn by 142 users through the phishing campaign’s fake sites between December 19, 2017 and March 2, 2018, according to the DoJ indictment. At least some of the cryptocurrency was placed in a “Kamasavidi-controlled” Bitfinex account.
Binance also said it will award private investigators an additional $ 50,000 once the attackers are placed in custody.