Hackers Drain Millions from Binance Accounts Using Chrome Plugins
A Chinese trader, CryptoNakamao, has lost $1 million to a hacking scam using a promotional Google Chrome plugin called Aggr. The promotional plugin steals cookies from users, which hackers use to bypass password and 2FA verification and log into the victim's Binance account.
A trader has shared their unfortunate experience on X, describing how they lost their entire life savings to an unexpected scam on Binance. CryptoNakamao, a trader with the username ‘X,’ said that his Binance account started trading randomly on May 24. He didn’t notice it until he opened the Binance app to check the price of Bitcoin.
Also Read: The Crypto Community Shows Binance’s CZ Love as He Begins His Prison Sentence
CryptoNakamao begins explaining his ordeal by saying, “I became a victim of an undercover agent in the cryptocurrency circle, and $1 million in my Binance account was wiped out. Until now, I am still confused. This is almost all my savings in the past few years.”
Hackers Target Binance Users with Chrome Plugin
A Chinese crypto trader was hacked on Binance. Without getting Nakamao’s account password or 2FA, the hacker stole nearly all the funds in his account through ‘counter-trading.’ Nakamao adds “I never thought that my assets would be cleared out in this way. I want to warn crypto investors not to become the next me!”
On his way home, he saw QTUM/BTC rise by 21%, DASH/BTC by 27%, PYR/BTC by 31%, ENA/USDC by 22%, and NEO/USDC by 20% due to purchases on his account. He says that he didn’t notice these operations until he opened his account to check the BTC price an hour and a half later.
我也无意与币安做任何斗争。我也很尊敬何一的敬业和为人,也感谢sisi的理解。我绝不会恶意编造诋毁币安。
所有的消息,都是我在被盗后,自己一点点去找相关人员追查的。都是我问出来的。关于插件的安全问题希望能问自己的安全团队。或者告知我原因,我自然原因帮忙沟通。… pic.twitter.com/HqT2EfhpHx— Nakamao???? (@CryptoNakamao) June 3, 2024
According to the trader, the hackers managed to access his web browser cookie data, which they obtained through a Chrome plugin named ‘Aggr.’ Upon installing the plugin, the trader quickly discovered that malicious software had been developed with the intention of stealing users’ web browsing data and cookies.
Using the collected cookies, the hacker hijacked active user sessions without any need for a password or authentication. They then executed multiple leveraged trades, deliberately increasing the price of low liquidity pairs and profiting from these manipulations.
Binance’s Frail Response to the Hack
Despite unusually high trading activity, the trader says that the exchange failed to implement critical security measures. Moreover, despite receiving timely complaints, the exchange failed to take action to halt the behavior. He adds, “But what I didn’t expect was that [..] the Binance staff still took more than a day to notify Kucoin and Gate to freeze the funds transferred by the hacker.”
During his investigation, the trader uncovered that Binance had prior knowledge of the fraudulent plugin and had already initiated an internal investigation. Although aware of the hacker’s address and the deceptive plugin scam, the trader expressed disappointment in the exchange for not notifying traders or implementing any measures to prevent the fraud.
Nakamao’s adds:
Binance did nothing even though it knew of the theft and frequent cross-trading. Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account in the platform on time.
CryptoNakamao
The trader argues that no matter what, the problem with the plugin could have been announced and worked out weeks before Alpha Tree announced the plugin problem to the crypto community.
The Trader Praises He Yi’s Professionalism
The trader says, “I have no intention of fighting with Binance. I also respect He Yi’s professionalism and character, and I am grateful for sisi’s understanding.” However, this plug-in problem has been around for a while.
Nakamao remains heavily disappointed with the crypto exchange. He adds, “I always read articles about Binance highlighting its security. The word “security” is always included in Binance’s annual summary every year, which makes me full of confidence in Binance.” Nakamao wants his ordeal to be a cautionary tale to all crypto investors using centralized crypto exchanges and hackable plugins.
Cryptopolitan Reporting By Florence Muchai
What's Your Reaction?