Main navigation

Binance Users Lose Millions After Accounts Hacked

Advertisement
Mon, 3/06/2024 - 11:02
Binance Users Lose Millions After Accounts Hacked
Cover image via www.freepik.com
Read U.TODAY on
Google News

UPDATED: Several Binance users have reported losing millions of dollars due to account hacks in a distressing development for the cryptocurrency community. The news came to light when Chinese cryptocurrency journalist Colin Wu tweeted about a series of hacks that have affected users of the platform.

Wu's tweet highlighted the case of a Chinese user who lost $1 million after downloading a Google plugin promoted by Key Opinion Leaders (KOLs) called Aggr. The attack occurred on May 24 and was facilitated through cross-trading, a technique where hackers exploit hijacked cookies to bypass password and two-factor authentication (2FA) verification.

Another Binance user experienced a similar fate on March 1, suffering significant financial loss. The hackers used the same method of hijacked cookies to gain access to the victim's account, indicating a well-coordinated and persistent attack strategy.

Advertisement

Binance user questions platform

One of the victims, known as Nakamao, shared his harrowing experience on X, revealing the emotional and financial toll of the incident. He recounted that he became a victim of an undercover agent in the crypto circle, and $1 million in his Binance account was wiped out.

Nakamao’s investigation, conducted in collaboration with a security company, uncovered alarming details. He realized that he had fallen victim to an elaborate scheme involving an undercover agent in the community. Nakamao's account of the incident also raised serious concerns about Binance's response and security measures. He noted several critical points in the timeline of events.

For instance, Binance was reportedly aware of the hacker and the compromised plugin for weeks but did not take immediate action, allowing further financial losses. Despite recognizing the theft and abnormal cross-trading activities, Nakamao says that Binance failed to implement adequate risk controls, allowing hackers to manipulate accounts for over an hour.

According to the user, Binance did not promptly freeze the hacker’s account, missing the opportunity to prevent further unauthorized transactions. Nakamao further revealed that it took Binance more than a day to contact relevant platforms to freeze transactions, further delaying the mitigation of losses.

These revelations have sparked a wave of concern and criticism within the cryptocurrency community, with many users questioning the platform's ability to safeguard their assets. 

Binance has responded to the user's post on X with new information regarding the incident. 

According to Binance, the impacted user had assumed a separate incident from 1st March was due to the fraudulent “aggr.trade“ plugin based on a X post dated 28th May.

The investigation of that incident did not find any such plugin based on the data and material provided to the exchange at that time. Prior to the X post a community influencer had alerted Binance to the plugin on 27th May and we immediately implemented additional security measures.

Binance also noted that it’s in contact with the impacted user to provide assistance and support, and take this opportunity to remind all users to always stay vigilant.

The exchange encourages  the community to report potential vulnerabilities through our Bug Bounty Program, which leverages and rewards crowdsourcing to help raise awareness of potential threats earlier. Furthermore, Binance always advises users to stay vigilant but unfortunately this is an incident where a user fell victim to a fraudulent plugin. 

The incidents show the importance of heightened security measures and prompt action in the face of emerging threats.

Related articles

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement
Advertisement

Recommended articles

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD