The post Binance Hack: Users Hit by Google Plugin Scam, Lose Millions appeared first on Coinpedia Fintech News
Several Binance users have suffered huge losses from account hacks, shaking the cryptocurrency community. Popular blockchain journalist Colin Wu broke the troubling news.
Breaking: Your Binance account may have been compromised due to downloading the KOL-promoted Google plugin Aggr. A Chinese user used this plug-in, which resulted in $1 million being stolen through cross-trading on May 24th. Another Binance user had his funds stolen on March 1.…
— Wu Blockchain (@WuBlockchain) June 3, 2024
The scam centers around a Google plugin named Aggr, promoted by various Key Opinion Leaders (KOLs) in the crypto community. A Chinese user lost $1 million on May 24th after using this plugin.
Another user experienced a similar issue on March 1st. The hackers exploited hijacked cookies to bypass password and two-factor authentication (2FA), getting unauthorized access to victims’ Binance accounts.
One affected user shared their experience on X. Their account was wiped out of $1 million, almost all of their savings. The hacker made a series of trades, causing massive price increases in various trading pairs such as QTUM/BTC, DASH/BTC, PYR/BTC, ENA/USDC, and NEO/USDC.
我成了币圈卧底的牺牲品,币安账户里100万美元灰飞烟灭直到现在我整个人还是懵的,这几乎是我这几年全部的积蓄。… pic.twitter.com/sSNUTXFZsc
— Nakamao (@CryptoNakamao) June 3, 2024
The user noticed these unauthorized activities only after checking Binance an hour and a half later. The second he did, though, the user contacted Binance customer service immediately. However, during this process, the hacker continued to operate the account.
Binance’s response was slow, and the hacker had safely withdrawn all funds when they reached back. The user says Binance’s risk control measures are lacking, as the hacker’s single account and obvious arbitrage transactions go unnoticed.
According to the user, it took Binance over a day to notify other exchanges like Kucoin and Gate to freeze the stolen funds, which was too late. This delay allowed the hacker to move the funds beyond reach, leaving the user with no recourse.
This incident is not isolated. On March 1st, another user’s Binance account was hacked through the same plugin. Binance CEO Richard Teng had previously said that the security team was investigating the root cause, yet the issue continues without a clear resolution.