GitHub Repository Exposes Binance’s Internal Code and Passwords, Exchange Downplays Risk

GitHub Repository Exposes Binance’s Internal Code and Passwords, Exchange Downplays Risk

Binance, one of the world’s largest cryptocurrency exchanges, has faced a security incident as its source code, including internal passwords and technical information, was discovered on a publicly accessible GitHub repository. Journalists at 404 Media revealed the existence of this repository, containing a cache of code, infrastructure diagrams, and sensitive data related to Binance. The repository, named ‘binance-infra-2.0,’ showcased interconnections among various components of Binance’s dependencies and included scripts related to password implementation and multifactor authentication.

Binance acknowledged the leak, with a spokesperson stating that the exposed information “posed a negligible risk to the security of our users, their assets, or our platform.” However, the takedown request submitted by Binance portrayed a different perspective, indicating that the code “poses a significant risk to Binance and causes severe financial harm.” The spokesperson emphasized that the leaked code does not resemble the current production version.

The leaked information contained passwords for systems marked as “prod,” indicating production systems rather than development environments. Notably, some of these passwords corresponded to Amazon Web Services’ servers used by Binance. It remains unclear whether the code was maliciously distributed by a third party or accidentally uploaded to GitHub by a Binance employee.

The incident raises concerns about the potential vulnerabilities and security lapses in one of the leading cryptocurrency exchanges, highlighting the need for robust measures to safeguard sensitive information and prevent unauthorized access to internal resources.

Powered by Crypto Expert BD

Follow us on Twitter:

Join our Telegram channel: