Binance API Key

Detects Binance API keys, which are 64-character case-sensitive alphanumeric strings with no distinctive prefix. Because a bare 64-char alphanumeric token is generic (it collides with any random token of that length), this pattern is context-gated: it requires a nearby Binance label and an assignment (= or :) before the value. A leaked key grants API access to the account (trading and, if enabled, withdrawal).

Type
regex
Engine
universal
Confidence
medium
Confidence justification
Medium confidence: a 64-char alphanumeric string has no distinctive prefix and is indistinguishable from any other 64-char token, so detection relies on an adjacent Binance label plus an assignment. Binance has no standalone secret scanner (e.g. no TruffleHog detector) precisely because the bare value is not self-identifying.
Jurisdictions
global
Regulations
Criminal Code Act 1995 (Cth)
Frameworks
CIS Controls, ISO 27001, NIST CSF, SOC 2
Data categories
credentials, security
Scope
wide
Risk rating
8
Platform compatibility
Purview: Compatible, GCP DLP: Unsupported, Macie: Unsupported, Zscaler: Compatible, Palo Alto: Unsupported, Netskope: Unsupported

Pattern

(?i)(?:binance)[\s\S]{0,24}?[=:][\s"]*(?<![A-Za-z0-9])[A-Za-z0-9]{64}(?![A-Za-z0-9])

Corroborative evidence keywords

binance, binance api key, BINANCE_API_KEY, X-MBX-APIKEY, api key, api_key, secret key, apiSecret, apikey, access key, access token, auth token, authorization, bearer, conn str, connection string, connectionstring, cookie, credential, database (+14 more)

Proximity: 300 characters

Should match

Should not match

Known false positives

References