X user Nakamao disclosed on the social platform that his Binance account was unknowingly controlled by hackers and he conducted a large number of abnormal transactions, ultimately resulting in a loss of nearly $1 million.
I became a victim of an undercover agent in the cryptocurrency circle. The $1 million in my Binance account was wiped out. I am still confused until now. This is almost all my savings in the past few years. … pic.twitter.com/sSNUTXFZsc
— Nakamao (@CryptoNakamao) June 3, 2024
It is reported that the hackers did not obtain the victim's password or two-factor verification information, but used a malicious Chrome plug-in "Aggr" to hijack the victim's web cookies and control the victim's Binance account through these cookies. The hackers conducted a large number of counter-trades on Binance without the victim's knowledge, using the victim's account to buy and sell large amounts of cryptocurrency, causing abnormal price fluctuations and profiting from them.
Nakamao claimed that although he had contacted Binance customer service as soon as possible and tried to prevent the hacker from further actions, Binance was slow to respond during the process and failed to freeze the hacker's account or restrict its operations in time, resulting in the hacker being able to safely Withdraw the proceeds.
In addition, after getting in touch with the KOL who originally promoted the malicious Chrome plug-in "Aggr", it was discovered that Binance had known about the existence of this plug-in for a long time and had traced the hacker's address at least 3 or 4 weeks ago. In order to obtain more information about the hacker and avoid alerting the public, we did not notify the community in time to suspend this product. Nakamao wrote on X:
“The widely rumored incident of the Binance account being stolen from an overseas community member at the beginning of March 1 this year was also due to this plug-in. At that time, the incident also attracted a special reply from Binance CEO Richard Teng, “Binance’s security working group is actively investigating.” ” to find the root cause of the problem. Therefore, I do not want and cannot believe that the Binance team has not found the problem with this plug-in for nearly 3 months.”
This incident not only caused significant financial losses to the individual victims, but also had an impact on the trust of the cryptocurrency community. It also sounded an alarm about the security of digital assets and reminded all cryptocurrency users to maintain the security of their accounts. Be alert and use caution when using any third-party applications or plug-ins.
This article: A million dollars was hacked for installing browser plug-ins. The victim complained: Binance made me a victim! First appeared in Zombit.