Binance
Company Details
Linkedin ID:
binance
Website:
Employees number:
13,525
Number of followers:
964,173
NAICS:
513
Industry Type:
Homepage:
binance.com
IP Addresses:
40
Company ID:
BIN_5080003
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Binance Vendor Cyber Rating & Cyber Score
binance.comBinance is the world’s leading blockchain ecosystem and cryptocurrency infrastructure provider with a product suite that includes the world's largest digital asset exchange and much more. Trusted by over 200 millions of users worldwide, the Binance platform is dedicated to increasing the freedom of money for users, and features an unmatched portfolio of crypto products and offerings, including: trading and finance, education, data and research, social good, investment and incubation, decentralization and infrastructure solutions, and more. Posts are not directed towards UK users.
Binance A.I CyberSecurity Scoring
Binance Risk Score (AI oriented)Between 0 and 549
Binance
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Binance Global Score (TPRM)XXXX
Binance
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Binance Company CyberSecurity News & History
Past Incidents
8
Attack Types
3
Canadian Institute for CybersecurityBinance, INSS and Google: BeatBanker Android Trojan Uses Silent Audio Loop to Steal Crypto
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: BeatBanker: The Dual-Mode Android Trojan Using Silent Audio to Steal Crypto and Bank Funds Security researchers at Kaspersky have uncovered *BeatBanker*, a sophisticated Android Trojan targeting users in Brazil through a fake Google Play Store. The malware employs a unique evasion tactic playing an inaudible five-second audio loop to prevent the system from terminating its process, ensuring persistent operation. The attack begins with a counterfeit website (*cupomgratisfoodshop*), mimicking the official Google Play Store to distribute the *INSS Reembolso* app. Disguised as a government portal for social security services, the app tricks victims into granting dangerous permissions under the guise of an "update." Once installed, BeatBanker displays a fake system notification to maintain activity while silently running in the background. The Trojan’s primary function is financial theft. When users open cryptocurrency apps like Binance or Trust Wallet, BeatBanker overlays a fake screen, swapping the recipient’s wallet address with the attacker’s during transactions. It also monitors browser activity in Chrome and Edge to harvest login credentials. Recent variants have escalated the threat by deploying *BTMOB RAT*, a remote access tool that grants attackers full control recording audio, accessing cameras, tracking GPS, and even performing a factory reset to erase evidence. The malware spreads by exploiting accessibility permissions, often under false pretenses. Kaspersky’s findings highlight BeatBanker’s dual-mode capabilities: cryptocurrency mining to drain device resources and direct financial theft through deceptive overlays. The campaign underscores the evolving tactics of mobile malware, particularly in regions with high digital banking adoption.
Netflix, Facebook, TikTok, Binance, OnlyFans, Microsoft Outlook, Apple iCloud, Consumer Banks and Government Systems: 149 million login details leaked via unsecured database
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Massive Exposed Database Containing 149 Million Credentials Discovered Online Security researcher Jeremiah Fowler uncovered a publicly accessible database containing 149 million usernames and passwords, including credentials for major platforms and sensitive systems. The unsecured collection, which was freely accessible via a web browser, included 48 million Gmail accounts, 17 million Facebook logins, 420,000 Binance credentials, 3.4 million Netflix accounts, 780,000 TikTok logins, and 100,000 OnlyFans accounts. Additionally, it held 1.5 million Microsoft Outlook, 900,000 Apple iCloud, and 1.4 million .edu credentials, along with login details for government systems and consumer bank accounts. Fowler reported the database to the Canadian hosting provider, which took it offline after nearly a month for violating its terms of service. During this period, the database continued to grow, suggesting ongoing data collection. Fowler suspects the credentials were harvested via infostealing malware, which logs keystrokes when victims enter login details on compromised sites. The discovery highlights the thriving infostealer market, where stolen credentials are sold for as little as $10 per log on the dark web. The simplicity of such malware makes it a popular tool for cybercriminals, enabling large-scale credential theft with minimal effort. The incident underscores the risks of unsecured databases and the widespread impact of infostealer-driven breaches.
Yahoo, Facebook, TikTok, Netflix, Microsoft Outlook, OnlyFans, Binance and Canadian service provider: Massive Data Breach Exposes 149 Million User Passwords For Gmail, Facebook, & More
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Massive Credential Breach Exposes 149 Million Logins in Unsecured Database A security researcher recently uncovered a staggering data exposure involving 149 million usernames and passwords left unprotected on the internet. The database, hosted by a Canadian service provider, was freely accessible via a standard web browser, allowing anyone to search and extract sensitive login details without authentication. The breach remained active for about a month, with new credentials continuously added before the hosting provider took it offline following notification. The compromised data spanned a wide range of platforms, including: - Email services: 48 million Gmail, 4 million Yahoo, and 1.5 million Microsoft Outlook accounts - Social media: 17 million Facebook, 780,000 TikTok, and 100,000 OnlyFans logins - Streaming & entertainment: 3.4 million Netflix subscriptions - Financial services: 420,000 Binance cryptocurrency accounts, along with banking and credit card details - Government & education: 1.4 million .edu domain credentials and other official systems Investigators traced the breach to infostealing malware, which infects devices through phishing, malicious downloads, or compromised websites. The malware logs keystrokes and captures login credentials, funneling them into centralized databases like the one discovered. Each entry included unique identifiers, suggesting the database was designed for large-scale criminal operations, such as account takeovers or ransomware attacks. The implications of this breach are severe, with risks ranging from identity theft and financial fraud to potential espionage via compromised government and academic accounts. The incident reflects a broader trend of unsecured databases and the growing accessibility of cybercrime tools renting infrastructure for such operations can cost as little as $200–$300 per month, enabling even low-skilled threat actors to amass vast troves of data. While no immediate exploits have been confirmed, the exposure underscores persistent vulnerabilities in data security practices. Similar breaches have repeatedly demonstrated how quickly stolen credentials circulate on underground forums, prolonging the threat long after the initial leak. The full impact of this incident may unfold over time as attackers exploit the exposed information.
Binance: Trust Wallet users lost nearly $7 million due to an exploit.
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: Trust Wallet Browser Extension Exploit Targets Cryptocurrency Users Trust Wallet, a popular cryptocurrency wallet provider, disclosed a security breach affecting users of its browser extension version 2.68. The vulnerability, which remained active for several days, was first flagged on December 24 after blockchain researcher ZachXBT detected unusual fund outflows from compromised wallets. The exploit specifically impacted users who entered private keys into the vulnerable extension, leading to unauthorized access and theft of assets. Affected cryptocurrencies included Ethereum (ETH), Bitcoin (BTC), and Solana (SOL), with some victims losing funds stored for years. The attacker funneled stolen tokens through intermediate addresses before cashing out via exchanges like KuCoin, HTX, ChangeNOW, and FixedFloat. Trust Wallet confirmed that only the browser extension was affected, urging users to disable version 2.68 and upgrade to version 2.69. Mobile and desktop versions remained secure. The company is investigating how the malicious version was uploaded to app stores under its official brand. In response, Changpeng Zhao (CZ), founder and former CEO of Binance, announced that all affected users would receive compensation. The full scope of the breach and the attack vector remain under investigation.
Binance
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Gambaryan, an ex-IRS investigator and Binance executive, was jailed in Nigeria for alleged money laundering and tax evasion. He was invited to Nigeria to discuss issues between the Nigerian government and Binance, including accusations of money laundering and contributing to the devaluation of the Nigerian currency. His health has worsened in prison, requiring urgent medical care for a herniated disc. Though the charges have been dropped on medical grounds, he remains in Nigeria, and pressure from the US continues for his release. Gambaryan's case has drawn international attention, and congressional members have urged considering it a hostage scenario.
Binance
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Tigran Gambaryan, head of Binance's investigations and financial crime compliance, is detained in Nigeria under accusations of money laundering and tax evasion related to Binance's operations. His detention and the charges levied against him have raised international concern, with US Congress members advocating for his immediate release. This incident has implications for Binance's reputation and could potentially disrupt the company's compliance operations. Gambaryan's track record as a federal agent combating crypto crimes emphasizes the irony of his current situation, providing a stark contrast to the accusations he now faces.
Binance
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Binance, largest crypto exchange suffered a massive cyber which temporarily halted the operation of its Binance Smart Chain. The hackers stole $570 million from a blockchain linked with Binance. However, Binance resumed its operations of the BSC chain after releasing a software update that froze the hackers’ accounts.
Binance
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: One of the world’s largest cryptocurrency exchanges, Binance, has been breached, with criminal hackers stealing 7,000 bitcoins. The organisation confirmed that it had suffered a “large scale security breach” in a multi-layered attack. It was unfortunate that the company was not able to block this withdrawal before it was executed. The hackers used the information to make a single transaction, transferring the bitcoins from a hot wallet into an account they owned.
Binance Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Binance
Incidents vs Technology, Information and Internet Industry Average (This Year)
Binance has 21.95% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Binance has 70.94% more incidents than the average of all companies with at least one recorded incident.
Incident Types Binance vs Technology, Information and Internet Industry Avg (This Year)
Binance reported 2 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 2 data breaches, compared to industry peers with at least 1 incident.
Incident History — Binance (X = Date, Y = Severity)
Binance cyber incidents detection timeline including parent company and subsidiaries
Binance Company Subsidiaries
Binance is the world’s leading blockchain ecosystem and cryptocurrency infrastructure provider with a product suite that includes the world's largest digital asset exchange and much more. Trusted by over 200 millions of users worldwide, the Binance platform is dedicated to increasing the freedom of money for users, and features an unmatched portfolio of crypto products and offerings, including: trading and finance, education, data and research, social good, investment and incubation, decentralization and infrastructure solutions, and more. Posts are not directed towards UK users.
Loading...
Binance Similar Companies
Avnet
Avnet is a global electronic components distributor with extensive design, product, marketing and supply chain expertise for customers and suppliers at every stage of the product lifecycle. For the past 100 years, Avnet has helped its customers and suppliers around the world realize the transformati
Meesho
Meesho is India’s e-commerce marketplace, on a mission to democratise internet commerce. Our multi-sided technology platform connects four key stakeholders — consumers, sellers, logistics partners, and content creators — to power inclusive growth at scale. We enable individuals and small businesse
Sohu.com Inc. (NASDAQ: SOHU) is China's premier online brand and indispensable to the daily life of millions of Chinese, providing a network of web properties and community based/web 2.0 products which offer the vast Sohu user community a broad array of choices regarding information, entertainment a
Swiggy
Swiggy is India’s pioneering on-demand convenience platform, catering to millions of consumers each month. Founded in 2014, its mission is to elevate the quality of life for the urban consumer by offering unparalleled convenience. With an extensive footprint in food delivery, Swiggy Food collaborate
Akamai Technologies
At Akamai, we make life better for billions of people, billions of times a day. Every day, billions of people around the world connect with their favorite brands to shop online, play the latest video games, log into mobile banking apps, learn remotely, share videos with friends, and so much more.
IndiaMART is India's largest online B2B marketplace, connecting buyers with suppliers across a wide array of industries. IndiaMART provides a platform for Small & Medium Enterprises (SMEs), large enterprises, and individual buyers, helping them access diverse portfolios of quality products. Since 1
Mercado Livre Brasil
At Mercado Libre, we are transforming the way people buy, sell, advertise, pay, finance, and ship across Latin America. We are the leading e-commerce and fintech company in the region, with a presence in 18 countries and a team of more than 120,000 people. We are one of the best places to work in L
Zomato’s mission statement is “better food for more people.” Since our inception in 2010, we have grown tremendously, both in scope and scale - and emerged as India’s most trusted brand during the pandemic, along with being one of the largest hyperlocal delivery networks in the country. Today, Zoma
OYO is a global platform that aims to empower entrepreneurs and small businesses with hotels and homes by providing full-stack technology products and services that aims to increase revenue and ease operations; bringing easy-to-book, affordable, and trusted accommodation to customers around the worl
.png)
Binance CyberSecurity News
March 25, 2026 06:08 AM
PRL Token Generation Event: Binance Wallet Launches Exclusive Token Amid Major Exchange Backing
BitcoinWorld PRL Token Generation Event: Binance Wallet Launches Exclusive Token Amid Major Exchange Backing In a significant move for the...
March 25, 2026 05:04 AM
Changpeng Zhao Issues Critical Warning: 99.999% of Binance Listing Offers Are Dangerous Scams
BitcoinWorld Changpeng Zhao Issues Critical Warning: 99.999% of Binance Listing Offers Are Dangerous Scams In a stark warning to the global...
March 24, 2026 07:00 AM
Binance Announces Strategic EDGE Futures Listing: Unlocking Pre-Market Access with 5x Leverage
BitcoinWorld Binance Announces Strategic EDGE Futures Listing: Unlocking Pre-Market Access with 5x Leverage Global cryptocurrency exchange...
March 17, 2026 04:53 PM
Bitrefill Discloses Data Breach Following Cyberattack
Bitcoin payment service provider Bitrefill announced on the X platform that it experienced a cyberattack on March 1, 2026,...
March 10, 2026 04:16 AM
UK Crypto Security 2026: Avoid Binance SMS Scams & Choose Safe Exchange
UK crypto scams 2026: avoid Binance text phishing, choose safest exchanges like Bitget.
February 23, 2026 08:00 AM
Cybersecurity stocks have plummeted since Anthropic launched the security software Claude Code Security.
Cybersecurity stocks have plummeted since Anthropic launched the security software Claude Code Security. More than $52.6 billion wiped out...
February 23, 2026 08:00 AM
Cybersecurity stocks tank after Anthropic unveils Claude Code Security
Shares in leading listed cybersecurity companies have fallen since Anthropic's launch of Claude Code Security on Friday, an AI-powered code...
February 20, 2026 08:00 AM
Claude AI Just Erased $15 Billion From Cybersecurity Stocks
According to @BullTheoryio on X, a single tweet from Claude AI wiped out over $15 billion from cybersecurity stocks in one session. CrowdStrike...
February 20, 2026 08:00 AM
Wendyy_(@wendyr9)'s insights
BTC SHOCKING: One AI Tweet Just Crushed Cybersecurity Stocks $15B! A single announcement about “Claude Code Security” entering limited...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Binance CyberSecurity History Information
Official Website of Binance
The official website of Binance is https://www.binance.com/.
Binance’s AI-Generated Cybersecurity Score
According to Rankiteo, Binance’s AI-generated cybersecurity score is 477, reflecting their Critical security posture.
How many security badges does Binance’ have ?
According to Rankiteo, Binance currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Binance been affected by any supply chain cyber incidents ?
According to Rankiteo, Binance has been affected by a supply chain cyber incident involving Canadian Institute for Cybersecurity, with the incident ID YAHFACTIKNETMICONLBINCAN1769189638.
Does Binance have SOC 2 Type 1 certification ?
According to Rankiteo, Binance is not certified under SOC 2 Type 1.
Does Binance have SOC 2 Type 2 certification ?
According to Rankiteo, Binance does not hold a SOC 2 Type 2 certification.
Does Binance comply with GDPR ?
According to Rankiteo, Binance is not listed as GDPR compliant.
Does Binance have PCI DSS certification ?
According to Rankiteo, Binance does not currently maintain PCI DSS compliance.
Does Binance comply with HIPAA ?
According to Rankiteo, Binance is not compliant with HIPAA regulations.
Does Binance have ISO 27001 certification ?
According to Rankiteo,Binance is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Binance
Binance operates primarily in the Technology, Information and Internet industry.
Number of Employees at Binance
Binance employs approximately 13,525 people worldwide.
Subsidiaries Owned by Binance
Binance presently has no subsidiaries across any sectors.
Binance’s LinkedIn Followers
Binance’s official LinkedIn profile has approximately 964,173 followers.
NAICS Classification of Binance
Binance is classified under the NAICS code 513, which corresponds to Others.
Binance’s Presence on Crunchbase
Yes, Binance has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/binance.
Binance’s Presence on LinkedIn
Yes, Binance maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/binance.
Cybersecurity Incidents Involving Binance
As of April 03, 2026, Rankiteo reports that Binance has experienced 8 cybersecurity incidents.
Number of Peer and Competitor Companies
Binance has an estimated 14,204 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Binance ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Cyber Attack and Breach.
What was the total financial impact of these incidents on Binance ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $570.01 million.
How does Binance detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with software update to freeze hackers' accounts, and recovery measures with resumed operations of the bsc chain, and communication strategy with advocacy by us congress members, and containment measures with users advised to disable the vulnerable extension and upgrade to v2.69, and remediation measures with release of patched version (v2.69), and communication strategy with public advisory to users, and containment measures with database taken offline by hosting provider, and containment measures with database taken offline by hosting provider, and third party assistance with kaspersky..
Incident Details
Can you provide details on each incident ?
Title: Binance Smart Chain Hack
Description: Binance, the largest crypto exchange, suffered a massive cyber attack which temporarily halted the operation of its Binance Smart Chain. The hackers stole $570 million from a blockchain linked with Binance. However, Binance resumed its operations of the BSC chain after releasing a software update that froze the hackers’ accounts.
Type: Cyber Attack
Threat Actor: Hackers
Motivation: Financial Gain
Title: Binance Cryptocurrency Exchange Breach
Description: Criminal hackers stole 7,000 bitcoins from Binance, one of the world’s largest cryptocurrency exchanges, in a large scale security breach.
Type: Cryptocurrency Theft
Attack Vector: Multi-layered attack
Threat Actor: Criminal hackers
Motivation: Financial gain
Title: Detention of Binance's Head of Investigations and Financial Crime Compliance
Description: Tigran Gambaryan, head of Binance's investigations and financial crime compliance, is detained in Nigeria under accusations of money laundering and tax evasion related to Binance's operations. His detention and the charges levied against him have raised international concern, with US Congress members advocating for his immediate release. This incident has implications for Binance's reputation and could potentially disrupt the company's compliance operations. Gambaryan's track record as a federal agent combating crypto crimes emphasizes the irony of his current situation, providing a stark contrast to the accusations he now faces.
Type: Legal Incident
Threat Actor: Nigerian Authorities
Motivation: Money LaunderingTax Evasion
Title: Arrest and Detention of Ex-IRS Investigator and Binance Executive in Nigeria
Description: Gambaryan, an ex-IRS investigator and Binance executive, was jailed in Nigeria for alleged money laundering and tax evasion. He was invited to Nigeria to discuss issues between the Nigerian government and Binance, including accusations of money laundering and contributing to the devaluation of the Nigerian currency. His health has worsened in prison, requiring urgent medical care for a herniated disc. Though the charges have been dropped on medical grounds, he remains in Nigeria, and pressure from the US continues for his release. Gambaryan's case has drawn international attention, and congressional members have urged considering it a hostage scenario.
Type: Money Laundering, Tax Evasion
Threat Actor: Nigerian Government
Motivation: Money Laundering, Tax Evasion
Title: Trust Wallet Browser Extension Security Incident
Description: Cryptocurrency wallet Trust Wallet reported a security incident affecting version 2.68 of its browser extension. Users were advised to disable the extension and upgrade to version 2.69. The mobile version was unaffected. The incident involved attackers uploading a vulnerable version of the wallet to the app store under Trust Wallet's official brand.
Date Detected: 2023-12-24
Type: Supply Chain Attack
Attack Vector: Malicious browser extension update
Vulnerability Exploited: Vulnerable version of Trust Wallet browser extension (v2.68)
Motivation: Financial gain
Title: Massive Exposed Database Containing 149 Million Credentials Discovered Online
Description: Security researcher Jeremiah Fowler uncovered a publicly accessible database containing 149 million usernames and passwords, including credentials for major platforms and sensitive systems. The unsecured collection included 48 million Gmail accounts, 17 million Facebook logins, 420,000 Binance credentials, 3.4 million Netflix accounts, 780,000 TikTok logins, and 100,000 OnlyFans accounts, along with 1.5 million Microsoft Outlook, 900,000 Apple iCloud, and 1.4 million .edu credentials, as well as login details for government systems and consumer bank accounts. The database was taken offline after nearly a month for violating the hosting provider's terms of service.
Type: Data Breach
Attack Vector: Infostealing Malware
Vulnerability Exploited: Unsecured Database
Motivation: Financial Gain
Title: Massive Credential Breach Exposes 149 Million Logins in Unsecured Database
Description: A security researcher uncovered a data exposure involving 149 million usernames and passwords left unprotected on the internet. The database, hosted by a Canadian service provider, was freely accessible via a standard web browser without authentication. The breach remained active for about a month, with new credentials continuously added before the hosting provider took it offline following notification. The compromised data spanned email services, social media, streaming, financial services, and government/education accounts. The breach was traced to infostealing malware, which logs keystrokes and captures login credentials for criminal operations.
Type: Data Breach
Attack Vector: Infostealing Malware
Vulnerability Exploited: Unsecured Database
Motivation: Financial Gain, Account Takeovers, Ransomware Attacks
Title: BeatBanker: The Dual-Mode Android Trojan Using Silent Audio to Steal Crypto and Bank Funds
Description: Security researchers at Kaspersky have uncovered *BeatBanker*, a sophisticated Android Trojan targeting users in Brazil through a fake Google Play Store. The malware employs a unique evasion tactic playing an inaudible five-second audio loop to prevent the system from terminating its process, ensuring persistent operation. The attack begins with a counterfeit website (*cupomgratisfoodshop*), mimicking the official Google Play Store to distribute the *INSS Reembolso* app. Disguised as a government portal for social security services, the app tricks victims into granting dangerous permissions under the guise of an 'update.' Once installed, BeatBanker displays a fake system notification to maintain activity while silently running in the background. The Trojan’s primary function is financial theft. When users open cryptocurrency apps like Binance or Trust Wallet, BeatBanker overlays a fake screen, swapping the recipient’s wallet address with the attacker’s during transactions. It also monitors browser activity in Chrome and Edge to harvest login credentials. Recent variants have escalated the threat by deploying *BTMOB RAT*, a remote access tool that grants attackers full control recording audio, accessing cameras, tracking GPS, and even performing a factory reset to erase evidence. The malware spreads by exploiting accessibility permissions, often under false pretenses. Kaspersky’s findings highlight BeatBanker’s dual-mode capabilities: cryptocurrency mining to drain device resources and direct financial theft through deceptive overlays.
Type: Trojan
Attack Vector: Malicious app distributed via fake website
Vulnerability Exploited: Exploitation of accessibility permissions, fake overlays
Motivation: Financial theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Malicious browser extension update, Infostealing Malware, Phishing, Malicious Downloads, Compromised Websites and Fake Google Play Store website (*cupomgratisfoodshop*).
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyber Attack BIN1791022
Financial Loss: $570 million
Systems Affected: Binance Smart Chain
Downtime: Temporary halt of BSC operations
Operational Impact: Temporary halt of operations
Incident : Cryptocurrency Theft BIN142717323
Financial Loss: 7,000 bitcoins
Systems Affected: Hot wallet
Incident : Legal Incident BIN000071224
Operational Impact: Potential disruption to compliance operations
Brand Reputation Impact: Significant
Legal Liabilities: Detention and potential legal charges
Incident : Supply Chain Attack BIN1766986758
Data Compromised: Private keys
Systems Affected: Trust Wallet browser extension (v2.68)
Operational Impact: Users advised to avoid using the vulnerable extension
Brand Reputation Impact: Yes
Identity Theft Risk: High (private keys exposed)
Payment Information Risk: High (cryptocurrency wallets drained)
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Data Compromised: 149 million credentials
Brand Reputation Impact: High
Identity Theft Risk: High
Payment Information Risk: High
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Data Compromised: 149 million usernames and passwords
Systems Affected: Email services, social media, streaming, financial services, government/education accounts
Brand Reputation Impact: High
Identity Theft Risk: High
Payment Information Risk: High
Incident : Trojan BININSGOO1773253647
Financial Loss: Crypto and bank funds theft
Data Compromised: Login credentials, wallet addresses, personally identifiable information
Systems Affected: Android devices
Operational Impact: Device resource drainage, unauthorized remote access
Identity Theft Risk: High
Payment Information Risk: High
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $71.25 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Private keys, Usernames, Passwords, , Usernames, Passwords, Banking/Credit Card Details, , Login Credentials, Wallet Addresses, Personally Identifiable Information and .
Which entities were affected by each incident ?
Incident : Cyber Attack BIN1791022
Entity Name: Binance
Entity Type: Crypto Exchange
Industry: Cryptocurrency
Size: Large
Incident : Cryptocurrency Theft BIN142717323
Entity Name: Binance
Entity Type: Cryptocurrency Exchange
Industry: Financial Services
Size: Large
Incident : Legal Incident BIN000071224
Entity Name: Binance
Entity Type: Cryptocurrency Exchange
Industry: Financial Services
Location: Global
Size: Large
Incident : Money Laundering, Tax Evasion BIN000102424
Entity Name: Binance
Entity Type: Cryptocurrency Exchange
Industry: Financial Services
Location: Global
Incident : Supply Chain Attack BIN1766986758
Entity Name: Trust Wallet
Entity Type: Cryptocurrency Wallet Provider
Industry: FinTech, Cryptocurrency
Customers Affected: Users of Trust Wallet browser extension v2.68
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Gmail
Entity Type: Email Service
Industry: Technology
Customers Affected: 48 million
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Facebook
Entity Type: Social Media
Industry: Technology
Customers Affected: 17 million
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Binance
Entity Type: Cryptocurrency Exchange
Industry: Finance
Customers Affected: 420,000
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Netflix
Entity Type: Streaming Service
Industry: Entertainment
Customers Affected: 3.4 million
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: TikTok
Entity Type: Social Media
Industry: Technology
Customers Affected: 780,000
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: OnlyFans
Entity Type: Content Subscription Service
Industry: Adult Entertainment
Customers Affected: 100,000
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Microsoft Outlook
Entity Type: Email Service
Industry: Technology
Customers Affected: 1.5 million
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Apple iCloud
Entity Type: Cloud Storage
Industry: Technology
Customers Affected: 900,000
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Educational Institutions (.edu)
Entity Type: Education
Industry: Education
Customers Affected: 1.4 million
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Government Systems
Entity Type: Government
Industry: Public Sector
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entity Name: Consumer Banks
Entity Type: Financial Institution
Industry: Finance
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: Gmail
Entity Type: Email Service
Industry: Technology
Customers Affected: 48 million
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: Yahoo
Entity Type: Email Service
Industry: Technology
Customers Affected: 4 million
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: Microsoft Outlook
Entity Type: Email Service
Industry: Technology
Customers Affected: 1.5 million
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: Facebook
Entity Type: Social Media
Industry: Technology
Customers Affected: 17 million
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: TikTok
Entity Type: Social Media
Industry: Technology
Customers Affected: 780,000
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: OnlyFans
Entity Type: Social Media
Industry: Adult Entertainment
Customers Affected: 100,000
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: Netflix
Entity Type: Streaming Service
Industry: Entertainment
Customers Affected: 3.4 million
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: Binance
Entity Type: Cryptocurrency Exchange
Industry: Finance
Customers Affected: 420,000
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entity Name: .edu Domains
Entity Type: Education/Government
Industry: Education/Government
Customers Affected: 1.4 million
Incident : Trojan BININSGOO1773253647
Entity Name: General Android users in Brazil
Entity Type: Individuals
Industry: Financial Services, Cryptocurrency
Location: Brazil
Incident : Trojan BININSGOO1773253647
Entity Name: Binance
Entity Type: Cryptocurrency Exchange
Industry: Cryptocurrency
Location: Global
Incident : Trojan BININSGOO1773253647
Entity Name: Trust Wallet
Entity Type: Cryptocurrency Wallet
Industry: Cryptocurrency
Location: Global
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyber Attack BIN1791022
Containment Measures: Software update to freeze hackers' accounts
Recovery Measures: Resumed operations of the BSC chain
Incident : Legal Incident BIN000071224
Communication Strategy: Advocacy by US Congress members
Incident : Supply Chain Attack BIN1766986758
Containment Measures: Users advised to disable the vulnerable extension and upgrade to v2.69
Remediation Measures: Release of patched version (v2.69)
Communication Strategy: Public advisory to users
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Containment Measures: Database taken offline by hosting provider
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Containment Measures: Database taken offline by hosting provider
Incident : Trojan BININSGOO1773253647
Third Party Assistance: Kaspersky
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Kaspersky.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Supply Chain Attack BIN1766986758
Type of Data Compromised: Private keys
Sensitivity of Data: High
Personally Identifiable Information: Private keys (potential for identity theft)
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Type of Data Compromised: Usernames, Passwords
Number of Records Exposed: 149 million
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Type of Data Compromised: Usernames, Passwords, Banking/credit card details
Number of Records Exposed: 149 million
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Trojan BININSGOO1773253647
Type of Data Compromised: Login credentials, Wallet addresses, Personally identifiable information
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Release of patched version (v2.69).
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by software update to freeze hackers' accounts, , users advised to disable the vulnerable extension and upgrade to v2.69, database taken offline by hosting provider and database taken offline by hosting provider.
Ransomware Information
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Resumed operations of the BSC chain, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Legal Incident BIN000071224
Regulations Violated: Money Laundering, Tax Evasion,
Legal Actions: Detention and potential legal charges
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Detention and potential legal charges.
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Lessons Learned: The incident highlights the risks of unsecured databases and the widespread impact of infostealer-driven breaches. It underscores the need for better security practices to prevent credential harvesting and unauthorized access.
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Lessons Learned: The incident underscores persistent vulnerabilities in data security practices, particularly the risks of unsecured databases and the accessibility of cybercrime tools. Stolen credentials can circulate on underground forums, prolonging the threat long after the initial leak.
Incident : Trojan BININSGOO1773253647
Lessons Learned: Evolving tactics of mobile malware, particularly in regions with high digital banking adoption; importance of verifying app sources and permissions.
What recommendations were made to prevent future incidents ?
Incident : Supply Chain Attack BIN1766986758
Recommendations: Users should avoid entering private keys in browser extensions and use desktop/mobile versions instead. Regularly update wallet software.
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Recommendations: Implement stricter access controls for databases, Enhance monitoring for unauthorized access, Educate users on the risks of infostealing malware, Use multi-factor authentication to mitigate credential theftImplement stricter access controls for databases, Enhance monitoring for unauthorized access, Educate users on the risks of infostealing malware, Use multi-factor authentication to mitigate credential theftImplement stricter access controls for databases, Enhance monitoring for unauthorized access, Educate users on the risks of infostealing malware, Use multi-factor authentication to mitigate credential theftImplement stricter access controls for databases, Enhance monitoring for unauthorized access, Educate users on the risks of infostealing malware, Use multi-factor authentication to mitigate credential theft
Incident : Trojan BININSGOO1773253647
Recommendations: Avoid downloading apps from unofficial sources, scrutinize app permissions, use multi-factor authentication, and monitor device performance for unusual activity.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are The incident highlights the risks of unsecured databases and the widespread impact of infostealer-driven breaches. It underscores the need for better security practices to prevent credential harvesting and unauthorized access.The incident underscores persistent vulnerabilities in data security practices, particularly the risks of unsecured databases and the accessibility of cybercrime tools. Stolen credentials can circulate on underground forums, prolonging the threat long after the initial leak.Evolving tactics of mobile malware, particularly in regions with high digital banking adoption; importance of verifying app sources and permissions.
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Users should avoid entering private keys in browser extensions and use desktop/mobile versions instead. Regularly update wallet software., Avoid downloading apps from unofficial sources, scrutinize app permissions, use multi-factor authentication and and monitor device performance for unusual activity..
References
Where can I find more information about each incident ?
Incident : Supply Chain Attack BIN1766986758
Source: ZachXBT (Blockchain Researcher)
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Source: Security Researcher Jeremiah Fowler
Incident : Trojan BININSGOO1773253647
Source: Kaspersky
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: ZachXBT (Blockchain Researcher), and Source: Security Researcher Jeremiah Fowler, and Source: Kaspersky.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Legal Incident BIN000071224
Investigation Status: Ongoing
Incident : Supply Chain Attack BIN1766986758
Investigation Status: Ongoing
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Investigation Status: Ongoing
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Advocacy by US Congress members and Public advisory to users.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Supply Chain Attack BIN1766986758
Stakeholder Advisories: Trust Wallet team and Binance (former CEO) advised users to upgrade and offered compensation.
Customer Advisories: Users advised to disable the vulnerable extension, withdraw funds via desktop/mobile, and avoid entering private keys in the extension.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Trust Wallet team and Binance (former CEO) advised users to upgrade and offered compensation., Users advised to disable the vulnerable extension, withdraw funds via desktop/mobile and and avoid entering private keys in the extension..
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Supply Chain Attack BIN1766986758
Entry Point: Malicious browser extension update
High Value Targets: Cryptocurrency wallets (Ethereum, BTC, Solana)
Data Sold on Dark Web: Cryptocurrency wallets (Ethereum, BTC, Solana)
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Entry Point: Infostealing Malware
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Entry Point: Phishing, Malicious Downloads, Compromised Websites
Incident : Trojan BININSGOO1773253647
Entry Point: Fake Google Play Store website (*cupomgratisfoodshop*)
Backdoors Established: BTMOB RAT
High Value Targets: Cryptocurrency and banking app users
Data Sold on Dark Web: Cryptocurrency and banking app users
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Supply Chain Attack BIN1766986758
Root Causes: Attackers uploaded a vulnerable version of the wallet to the app store under Trust Wallet's official brand.
Corrective Actions: Release of patched version (v2.69) and user advisories.
Incident : Data Breach NETFACTIKBINONLMICAPPCONGOV1769182444
Root Causes: Unsecured database, infostealing malware
Corrective Actions: Database taken offline, further investigation needed
Incident : Data Breach YAHFACTIKNETMICONLBINCAN1769189638
Root Causes: Infostealing malware, unsecured database, lack of authentication for sensitive data
Incident : Trojan BININSGOO1773253647
Root Causes: Exploitation of accessibility permissions, fake overlays, and social engineering to trick users into granting permissions.
Corrective Actions: Enhanced user education on app permissions, stricter app store vetting, and improved detection of fake overlays.
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Kaspersky.
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Release of patched version (v2.69) and user advisories., Database taken offline, further investigation needed, Enhanced user education on app permissions, stricter app store vetting, and improved detection of fake overlays..
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Hackers, Criminal hackers, Nigerian Authorities and Nigerian Government.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-12-24.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $570 million.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Private keys, 149 million credentials, 149 million usernames and passwords, Login credentials, wallet addresses and personally identifiable information.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Binance Smart Chain and and and and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Kaspersky.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Software update to freeze hackers' accounts, Users advised to disable the vulnerable extension and upgrade to v2.69, Database taken offline by hosting provider and Database taken offline by hosting provider.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 149 million credentials, Private keys, 149 million usernames and passwords, Login credentials, wallet addresses and personally identifiable information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 298.0M.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Detention and potential legal charges.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was The incident highlights the risks of unsecured databases and the widespread impact of infostealer-driven breaches. It underscores the need for better security practices to prevent credential harvesting and unauthorized access., The incident underscores persistent vulnerabilities in data security practices, particularly the risks of unsecured databases and the accessibility of cybercrime tools. Stolen credentials can circulate on underground forums, prolonging the threat long after the initial leak., Evolving tactics of mobile malware, particularly in regions with high digital banking adoption; importance of verifying app sources and permissions.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Educate users on the risks of infostealing malware, Use multi-factor authentication to mitigate credential theft, Implement stricter access controls for databases, Enhance monitoring for unauthorized access, Avoid downloading apps from unofficial sources, scrutinize app permissions, use multi-factor authentication, and monitor device performance for unusual activity. and Users should avoid entering private keys in browser extensions and use desktop/mobile versions instead. Regularly update wallet software..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are ZachXBT (Blockchain Researcher), Kaspersky and Security Researcher Jeremiah Fowler.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Trust Wallet team and Binance (former CEO) advised users to upgrade and offered compensation., .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Users advised to disable the vulnerable extension, withdraw funds via desktop/mobile and and avoid entering private keys in the extension.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Malicious browser extension update, Fake Google Play Store website (*cupomgratisfoodshop*), Phishing, Malicious Downloads, Compromised Websites and Infostealing Malware.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Attackers uploaded a vulnerable version of the wallet to the app store under Trust Wallet's official brand., Unsecured database, infostealing malware, Infostealing malware, unsecured database, lack of authentication for sensitive data, Exploitation of accessibility permissions, fake overlays, and social engineering to trick users into granting permissions..
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Release of patched version (v2.69) and user advisories., Database taken offline, further investigation needed, Enhanced user education on app permissions, stricter app store vetting, and improved detection of fake overlays..
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=binance' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
