‘Double check your systems’ – Binance’s CZ sounds alarm over GitHub hack risks



Binance founder Changpeng Zhao (CZ) has called on crypto developers to ‘double check’ if all their systems are secure and safe after a reported GitHub hack.

If you have API keys in your code, even private repos, now is the time to double check and change them…

Microsoft-owned GitHub, a cloud platform for developers to store and manage their code, had earlier reported unauthorized access to its systems.

Although the GitHub team acknowledged that the attacker breached 3800 repositories, it said it had contained the compromise. 

[Image. Source: X]

Security researcher Taylor Monahan echoed CZ’s warning and added:

Don’t just change and replace. Get them out of your repos.

Is it enough to prevent a crypto supply chain attack?  

To grasp why CZ sounded the alarm, consider that these repositories sometimes store API (application programming interface) keys.

API keys authenticate apps to one another when they communicate, making such a breach a massive supply chain risk for any connected platforms like exchanges, wallets, and others.

In such scenarios, the attacker will easily access a platform as a legitimate user and even bypass safeguards such as multi-factor authentication (MFA).

Think of it as stealing a master key. With the key, you don’t need to break things; you just access systems as an authorized user. 

In fact, this is how the Lazarus Group infiltrated Bybit’s hot wallet infrastructure, through an API vulnerability and private keys, effectively stealing $1.5B in 2025.

DMM Bitcoin’s $305 million breach in 2024 was also carried out using the same method.

Perhaps the most notable incident involving Binance came when exchange API keys belonging to users of the automated trading platform 3Commas were breached.

Over $22 million was lost as the keys were used to run automated trades to manipulate the markets on Binance. 

The GitHub incident follows an alarming surge in crypto hacks. On the 18th of May, Echo Bridge was also breached via a stolen key, bringing the month-to-date (MTD) losses to $35 million. 

On average, about $1.7 million was lost to crypto hacks in May. This was 20x lower than in April, which saw $634 million in losses or a daily average of $21 million. 

[Image. Source: DeFiLlama]

Over half of the funds are stolen by North Korean adversaries to fund the state’s military programs.


Final Summary

  • CZ called on crypto developers to verify that their systems and API keys haven’t been affected by the GitHub breach. 
  • Crypto hacks in May have dropped 20x compared to April, but the risks remain elevated.


