Binance user loses USD $1 million in hack using Chrome plugin – DiarioBitcoin


By Hannah Perez

A Chinese Binance trader claims to have lost his life savings to a hacker who exploited a Chrome plugin to steal his cookies and take control of his account.

***

  • A Binance user is alleged to have been the victim of a USD $1 million hack
  • He alleges that the hacker exploited a Chrome plugin to take control of his Binance account
  • Despite the account having a password and 2FA authentication, the attacker managed to steal his funds
  • He blamed Binance for not taking action or warning users about the attack scheme

Hackers may have discovered a new way to steal cryptocurrency using a Chrome plugin.

A Chinese Binance trader took to the social network X (formerly Twitter) to report that he was the victim of a hacking attack that apparently leveraged a promotional Google Chrome add-on called Aggr.

The user, identified as Nakamao, said that it all started when he noticed strange activity in his Binance account on May 24th. His account had started trading randomly, but he only realized this after he opened the app to check the price of Bitcoin in real time.

He stated that after an investigation, he concluded that hackers had gained access to his web browser’s cookie data, which they had stolen through the Aggr plugin.

Nakamao stated that his Binance account had all the necessary security controls in place, but by leveraging the Chrome plugin, the attacker had managed to collect and exploit his cookies to hijack active sessions, thereby bypassing the need for a password or two-factor authentication (2FA) to take control of the account.

“The hacker stole almost all the funds from my account through “transaccio“Imitation Games” without obtaining my Binance account password or instructions for two-step verification (2FA),” he wrote in a post in Chinese.

Binance user loses his savings

While he explained that the hacker was unable to withdraw funds directly because he lacked 2FA verification, the hacker used cookies and active login sessions to make profits through cross-trading, a practice in which buy and sell orders for the same asset are offset without recording the transaction on an exchange.

The attacker reportedly carried out multiple leveraged trades to increase the price of low-liquidity pairs and profit from them. Specifically, he is said to have purchased several tokens on the highly liquid USDT trading pair and placed limit sell orders that exceeded the price of BitcoinUSDC and other illiquid pairs.

Finally, the hacker opened leveraged positions, bought a large excess amount and completed the cross trade, Nakamao said. He said that by the time he sought help from Binance, the hacker had already withdrawn all the funds from his Binance account, worth USD $1 million, and added that another user had a similar experience months before.

Regarding the extraction of the funds, he expressed his belief that it was a “very obvious forged transaction” and that, according to the exchange’s response, the funds had been withdrawn “in a safe way”.

“Until now, I’m still confused. These are almost all my savings in recent years,” he wrote.

Binance did not take action, says victim

Nakamao pointed to Binance as responsible for what happened, accusing the exchange of not having implemented the necessary security measures despite the unusually high trading activity.

Furthermore, even after receiving timely complaints, the exchange took no action to stop it, he added, expressing frustration over the slow response from the platform’s customer support team.

The trader also asserted that Binance had been aware of the fraudulent plugin for quite some time and was already conducting an internal investigation. Nakamao blamed Binance for not having informed traders or taken any action to prevent this type of attack, despite knowing the nature of the plugin scam.

Binance did nothing even though it knew about the theft and frequent cross-trading. The hackers manipulated accounts for more than an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds in the obvious hacker’s single account on the platform in time.

After the unpleasant experience, the victim has alerted users about the risk of using Chrome web plugins while demanding greater security measures from the exchanges to prevent similar incidents in the future.


Article by Hannah Estefanía Pérez / DiarioBitcoin

Image from Unsplash

WARNING: This is an informative article. DiarioBitcoin is a media outlet, it does not promote, endorse or recommend any particular investment. It is worth noting that investments in cryptoassets are not regulated in some countries. They may not be suitable for retail investors as the entire amount invested could be lost. Check the laws of your country before investing.


