Binance’s internal passwords and source code has been openly accessible on a GitHub repository for months, with the exchange asserting that the leak posed only a ‘negligible risk.’
Journalists at 404 Media discovered what they say is a “highly sensitive cache of code, infrastructure diagrams, internal passwords,” and other technical information related to Binance, openly available on a GitHub repository for several months.
According to the report, the repository included a folder labeled ‘binance-infra-2.0’ with a diagram illustrating the interconnections among various components of Binance’s dependencies.
See Also: Crypto Exchange Binance Has Recovered Its Market Share Two Months After DOJ Settlement
Additionally, it contained numerous scripts and code, some of which appeared related to Binance’s implementation of passwords and multifactor authentication, with comments in both English and Chinese, as noted by 404 Media.
While a spokesperson for Binance confirmed the leak, noting that the information “posed a negligible risk to the security of our users, their assets or our platform,” the description of the takedown request showed a slightly different picture, saying that the code “poses a significant risk to Binancec. and causes severe financial harm to Binance and user’s confusion/harm.”
The spokesperson also added that the code “does not resemble what we currently have in production.”
As per the report, the leak contained passwords for systems marked as “prod,” indicating production systems rather than demo or development environments.
See Also: Binance Survey: 73% Of Europeans Stay Bullish On Crypto Despite Market Correction
Additionally, at least two of these passwords corresponded to Amazon Web Services’ servers used by Binance, the report says.
However, it is unclear if a third party distributed the code maliciously or if a Binance employee accidentally uploaded it to GitHub.
#Binance #WRITE2EARN
Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.