Hackers, sending spring breeze to Binance?
If you have been following the crypto world, the hacking incident on February 21 should not be unfamiliar. On February 21, Bybit stated that the exchange was attacked by hackers, and 499,000 ETH worth $1.46 billion were stolen, which not only set a new record for the largest hacking attack, but also became another landmark event in the transition from the bull market to the bear market in this round. After the incident, with Bybit's rapid response, active handling, and market stabilization, Bybit successfully raised funds to overcome this challenge.
Afterwards, the North Korean hacker group was identified as the mastermind behind the incident. Although Bybit mobilized resources to guard against it, on March 4, the stolen funds were completely washed through a mixer. Although there were some unpleasant expenses, the losses of customers could be filled, and the exchange remained very strong, with the loss of a year's profit not being a matter of life and death.
It was thought that this matter would come to an end, but unexpectedly, the turmoil arose again, and OKX was hit by a disaster, with Binance becoming the biggest winner.
On March 17, OKX suddenly announced that after consulting with the regulatory authorities, it had decided to temporarily suspend the DEX aggregator service in order to carry out more security upgrades and prevent further abuse. As a result, the relevant limit orders and cross-chain orders will be automatically cancelled. OKX stated that the specific recovery time will depend on the progress of the upgrade, and during this period, users can still trade by jumping to third-party protocols, while the other services of the OKX Web3 wallet will not be affected.
This announcement caused a market uproar. The OKX Web3 wallet is undoubtedly the best among the exchange wallets this round, with a reputation for smooth experience and beautiful UI design, and its DEX aggregation is one of its core functions, aggregating more than 300 DEXs to provide users with low-threshold, low-slippage trading services. According to a previous announcement by OKX, as early as last June, the weekly active users of the OKX Web3 wallet had already exceeded 4.6 million, and by December 5 last year, the number of OKX wallet users had grown globally by as much as 991%. It is clear that the wallet is not only an important traffic moat for OKX, but also a key tool for attracting new users.
Why was the important DEX function of the wallet suddenly suspended?
To understand the reason, we need to go back to a Bloomberg report. On March 11, Bloomberg reported on the Bybit hacking incident, mentioning that "European crypto regulators are reviewing the use of a service provided by crypto exchange OKX, after Bybit said hackers used the OKX Web3 platform to launder part of the stolen funds, amounting to $100 million."
Seemingly without any problems, but there are suspicions of scapegoating. Bybit's statement, for outsiders, especially for regulators with relatively less technical focus, can be simplified to "hackers used the OKX Web3 to launder the stolen funds", that is, the OKX Web3 can be used as a tool to launder dirty money, which is worthy of high attention. Coincidentally, just a month ago, on February 18, OKX had just announced that it had obtained the MiCA license from the EU, while other exchanges like Bybit were still in the queue for application.
The newly granted license immediately led to a large-scale hacking incident, and the European regulators quickly responded. Regarding Bybit's statement, OKX's boss Star Xu was quite dissatisfied. On March 11, he issued a long article to refute, stating that Bybit had been making absurd statements, and that OKX had previously cooperated with Bybit to freeze the hackers' funds on many occasions, and even provided technical support and guidance, understanding their difficulties, but hoping that Bybit would stop spreading FUD, with a sense of accusing Bybit of ingratitude.
But whether OKX is wronged or not, from a technical perspective, it does have a point. Although the hacker's address shown in the on-chain tool is the OKX Web3 proxy, it is well known that OKX Web3 is a self-custodial wallet, and the OKX DEX is an aggregator that provides users with efficient liquidity by implementing the aggregation service of other DEXs. It is just a tool, does not custody any assets, and is not a trading counterparty, but only provides intermediary services. From the product attributes, the OKX DEX is no different from other aggregator products. In his response, Star Xu also directly stated that Bybit had used the API of the OKX wallet/DEX to build its own wallet and DEX infrastructure.
Response aside, the regulatory steps have been taken and it is difficult to stop. The EU is still in the process of technical exploration, with a relatively shallow understanding of the technology, and is known for its cautious attitude. Therefore, on March 17, OKX had to temporarily suspend the DEX function, citing the reason of cooperating with the regulators for technical upgrades. Subsequently, Star Xu also forwarded a statement that OKX Web3 had launched multiple anti-abuse control measures, including banning IP access from restricted markets and a real-time blacklist address detection and interception system. Ultimately, it is still necessary to guard against the outflow of dirty money.
The regulatory actions of the EU not only affect one exchange, but also require other exchanges applying for licenses to make early preparations. According to information from KOL AB Kuai.Dong of platform X, after the OKX DEX shutdown, multiple exchanges are working overtime to overhaul their businesses, including separating the exchange wallets into independent apps, where the wallet apps will no longer have built-in DEX and cross-chain functions, and will no longer provide CeDeFi-related official finance. In other words, the issuing and operating entities need to be completely isolated from the exchanges.
In fact, if we go back to the traditional financial sector, the separation of the issuing and operating entities from the exchanges is a necessary measure in risk control, with each segment being relatively independent, such as trading, custody, settlement, etc. But in the crypto field, for the sake of convenience of use, the basic operation is the two-way flow between DEX and CEX, and the business model of exchange + Web3 wallet has already been proven effective by the market, otherwise the exchange's wallet R&D fever would not have occurred. The sudden separation of the two sides not only increases the operational steps for users, affecting trading efficiency, but also goes against the usage mindset that has been established before.
But in the long run, with the continuous increase in the compliance level of the industry, the separation of entities is also a realistic path. Now it is the leading large exchanges taking the lead, and the possibility of other exchanges following suit is very high, unless the exchanges choose not to go the compliance route. But if compliance is the general trend, the risks of small exchanges that do not keep up are also not to be underestimated. Of course, in the short term, the impact is only on OKX Web3 itself.
With both OKX and Bybit encountering difficulties, the luckiest one is undoubtedly Binance. Before the hacking incident, Binance was facing fierce competition from these two, not only being surpassed by the bold Bybit in the contract derivatives market, but also lagging behind OKX in on-chain products and tools, especially on the wallet side. As is well known, wallets are a good thing, the primary traffic entry point for users to enter Web3, but looking at Binance's own wallet, it is either criticized for its outdated pages or disliked for its poor experience. It was with great difficulty that they innovated an Alpha section, only to be seamlessly integrated by competitors, which was quite embarrassing.
This time, the removal of the OKX DEX undoubtedly provided Binance with a good opportunity to overtake. The business battle is plain and simple, and the opportunity is fleeting. The management teams have all taken the field to promote, with He Yi actively commenting in the KOL area, recommending the in-house wallet and promising a chance. Binance also acted quickly, officially announcing that wallet trading and exchange will be free of charge for 6 months. This strong promotion has also brought a certain volume, with some users starting to try using the Binance wallet. But the problems are not non-existent either. A user named James on platform X said that when he bought 5,000U BOB on the Binance Alpha section, although the transaction was smooth, he was squeezed out of 1,200U. Regarding this, He Yi was also very generous, promising a 24-hour full refund for serious squeezes.
As of now, Binance seems to have caught this wave of traffic. Of course, in addition to Binance, there are also many other competitors scrambling for the traffic, with Bitget Wallet launching a $90,000 recharge incentive activity for a week, and UniversalX also making efforts to recommend KOLs. Ultimately, good experience is the key to taking a product further.
After this incident, the market has jokingly referred to Binance as the "child of fortune", successfully overtaking the two major competitors at an unexpected juncture. Whether it is the "child of fortune" or not is hard to say, but the recent Binance has indeed been thriving. Last week, in addition to this week's wallet promotion, Binance was also brilliant, not only gaining $2 billion in cooperation with the UAE royal family, but also the "inscrutable" MEME of CZ finally went mainstream.
Star Xu finally mastered the MEME game. On the afternoon of 2:38 on the second day after the financing news was announced, the Binance Chinese official account released a MEME image of the editor wearing Arabic clothing on social media, and then CZ retweeted the tweet and captioned it "Mubarak". The MEME market immediately responded, and in an instant, Four.meme launched dozens of tokens with Mubarak as the ticker.
It was thought that CZ, who did not understand MEME, might be another wave, but CZ started his own rhythm. First, he retweeted and verified the leading coins in various currencies, and then continued to expose the MEME. On March 15, Binance alpha even launched Mubarak, and even on the evening of March 16, CZ's public wallet purchased $Mubarak worth 1BNB. A series of operations directly made the market value of Mubarak exceed $130 million, and netizens jokingly said that it had added several A8 players to BSC.
After finding the way and grasping the method, CZ and He Yi began the MEME experimental field, occasionally retweeting memes and meme pictures, and personally getting involved in MEME trading. Whether MEME is successful or not, this round of operations has truly benefited the BSC ecosystem. According to on-chain analyst @hoidya's data, the TVL of BSC has been growing continuously for 4 days since March 13, and the DEX trading volume and average transaction fee have also reached new highs within a week. More intuitively, the price of BNB has been rising against the trend, from $507 on March 11 to a high of $643, and is now stable at $616, even in an unstable market.
This attempt is just CZ's small trial. It was at this time that CZ truly understood the importance of attention economy. In the current market, liquidity is highly dependent on the macro market, and the attention economy is an essential lesson for every public chain. Regarding this, the well-known KOL crypto Wei Tuo also expressed his views, "CZ's thinking is correct. The key to reviving BSC lies in a dual-drive, with stabilizing BNB price expectations as the cornerstone, continuously creating new memecoin with explosive dissemination power as fuel, and maintaining the ecosystem's debt controllable through split-plate liquidity management 'replacing old coins at high prices with new plates at low prices', allowing retail investors to repeatedly reinvest in the hundred-fold narrative rotation rather than being trapped in a stagnant position."
Interestingly, as early as 2023, CZ had previously made a statement that he would not invest in MEME. Times have changed, and CZ is no longer the CEO of Binance, but the growth of BNB is still on his shoulders. Becoming a MEME maker may not be what he wants, but as Binance's top spokesperson, he still has the responsibility to engage with the community and lead the growth.
It is saddening that the controversial Binance has finally heard the long-awaited cheers, but it is because its competitors have been severely hit, and the founder has finally started to operate MEME. Is this a blessing or a misfortune for the industry? In the tidal wave of the crypto world, perhaps there is no time to ponder this question.
