"Million-dollar Hack through Browser Plugin Installation: Victims Accuse Binance of Making Me a Sacrifice!"

Table of Contents
Toggle
Browser Plugin Causes Binance Account to Be Hacked for Millions of Dollars
OKEx Also Reports New Attack Method
User X, Nakamao, disclosed on a social platform that his Binance account was hacked without his knowledge and was used for a large number of abnormal transactions, resulting in a loss of nearly $1 million.
It is reported that the hacker did not obtain the victim’s password or two-factor authentication messages. Instead, they hijacked the victim’s web page cookies through a malicious Chrome plugin called “Aggr” and used these cookies to manipulate the victim’s Binance account. The hacker, unbeknownst to the victim, conducted a large number of wash trades on Binance, buying and selling a large amount of cryptocurrency, causing abnormal price fluctuations and profiting from it.
Nakamao claims that although he contacted Binance customer service immediately and tried to prevent further actions by the hacker, Binance responded slowly during the process, failing to freeze the hacker’s account or restrict their operations in a timely manner, allowing the hacker to safely withdraw the funds they obtained.
Furthermore, after contacting the KOL who originally promoted the malicious Chrome plugin “Aggr,” it was discovered that Binance had known about the existence of this plugin and had traced the hacker’s address at least 3 to 4 weeks ago. However, in order to gather more information about this hacker and avoid alerting them, Binance did not notify the community to suspend this product in a timely manner. Nakamao wrote on X:
“This incident not only caused significant economic losses to the victims personally but also impacted the trust within the cryptocurrency community. It also sounded the alarm regarding the security of digital assets, reminding all cryptocurrency users to remain vigilant about the security of their accounts and exercise caution when using any third-party applications or plugins.”
On the other hand, according to a report by “Wu Shuo Blockchain,” on June 3, a member of the Japanese community claimed that a fraudster purchased all of their personal information on Telegram and subsequently used the exchange’s “forgot password” function to change their phone number, email address, and even their Google Authenticator through AI-generated images. Within 24 hours, their OKEx account lost over $2 million in assets. Users must be aware of these potential risks.

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Successful Conclusion of CoinEx Taiwan’s 7th Anniversary Celebration, Embracing the Arrival of the Web3 Era Hand in Hand with Users

Since its establishment in 2017, CoinEx has been a professional cryptocurrency trading pla…