Key points:

  • The Binance risk control team has implemented strict platform measures to protect user accounts from being leaked, including optimizing the cookie logout frequency and adding verification steps for abnormal transactions, so that early warnings at critical moments protect user funds from being compromised.

  • The Binance security team recommends that users raise their security awareness, avoid installing any third-party plug-ins in the browser, promptly log out of applications and plug-ins involving funds, and use the official Binance app or visit the official Binance website.

  • Binance encourages the community to participate in the "White Hat Operation" security bounty program, which provides rewards to community users who actively report potential security risks to help the platform raise awareness of potential threats at an early stage.

Browser plugins are widely used to enhance online experiences, simplify workflows, and add functionality when visiting websites. However, not all plugins are benign, and some are exploited by criminals and can pose significant security risks. This article explores the potential harm of malicious browser plugins and provides the community with recommendations for protecting their accounts from such attacks.

Malicious plugin trap

Web browser plug-ins, also called extensions or add-ons, are small software programs that are integrated into web browsers to provide additional functionality. While many plug-ins are legitimate and useful, some are malicious. Malicious plug-ins can:

  1. Steal sensitive information: Some malicious plugins can capture keystroke sequences, track web browsing activity, and steal login credentials.

  2. Inject malicious code: Plugins can inject malicious scripts into web pages, leading to phishing attacks or malware installation.

  3. Hijack sessions: Malicious plugins can hijack your login session, allowing attackers to take control of your account.

  4. Tamper with your addresses: Malicious extensions can read and write clipboard contents, so a deposit or withdrawal address you copy on Binance or another financial platform or service may be tampered with, potentially leading to loss of funds.

Risk control is a cat-and-mouse game

Risk control has to balance security against convenience. Inadequate risk control threatens the security of users' assets, while overly strict risk control processes can damage the user experience. Risk control is therefore a "cat and mouse game" between the attacker and the defender, and the balance has to be adjusted as threats change. Considering the risks posed by attacks through malicious browser plugins, the Binance risk control team is taking the following measures to enhance user protection:

  • Increase the logout frequency and verification steps for Cookies: Adjust the logout frequency of Cookies according to the user scenario, increase the verification frequency of plug-in operations and Cookie authorization, and add necessary security verification steps based on the specific situation and user status.

  • Double confirmation for sudden price fluctuations: Sudden price fluctuations will be double-confirmed by combining big data alerts with manual verification.

  • Supplementary risk control rules trigger 2FA verification: Abnormal transactions will trigger two-factor authentication before processing.

Take precautions in advance to ensure safety

As the crypto industry continues to grow, scams and hacker attacks are becoming more sophisticated. Faced with an endless stream of security issues, users need to raise their awareness and stay vigilant. To avoid becoming a victim of malicious plugin attacks, please consider the following precautions:

  • Limit plugin usage: Only install reliable plugins that are absolutely necessary. The more plugins you install, the higher the risk of encountering malicious plugins.

  • Verify plugins: Before installing a plugin, do your research. Check reviews, developer information, and permissions requested by the plugin to avoid granting unnecessary access.

  • Review plugins regularly: Regularly review your installed plugins and remove those you no longer use, which effectively reduces your exposure to potential attacks.

  • Keep your software updated: Developers release updates to patch security vulnerabilities, so make sure your browser and all installed plug-ins are up to date.

  • Use security tools: Leverage antivirus and antimalware tools to detect and prevent malicious activity.

  • Isolate profile: Create a separate browser user profile for logging in to DApps, and do not install any plugins on that profile.

  • Log out promptly: Exit apps involving money promptly after use, and do not keep cookies active just to avoid re-entering passwords.

  • Incognito mode: Open the website in incognito mode and disable any plug-ins.

  • Additional privacy protection for financial applications: Use a separate device for operations involving funds.

  • Permission settings: Set the permission for fund operations to automatically log out within a few minutes (similar to what many traditional banking applications do).
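
The "Verify plugins" and "Review plugins regularly" precautions can be partly automated. The following is an added example, not Binance tooling: it reads Chromium-style extension manifests and flags the permissions that enable the four risks listed earlier (clipboard access, cookie access, script injection, access to every site). The risk labels, the sample manifest, and the Extensions folder path passed in by the caller are assumptions made for illustration.

```python
import json
from pathlib import Path

# Chromium manifest permissions mapped to the risks listed in the article.
RISKY = {
    "clipboardRead": "clipboard read (address tampering)",
    "clipboardWrite": "clipboard write (address tampering)",
    "cookies": "cookie access (session hijacking)",
    "webRequest": "traffic inspection (information theft)",
    "scripting": "script injection (malicious code)",
}
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest):
    """Return the sorted risk findings for one parsed manifest.json."""
    declared = manifest.get("permissions", []) + manifest.get("optional_permissions", [])
    declared = {p for p in declared if isinstance(p, str)}
    findings = {RISKY[p] for p in declared if p in RISKY}
    # Manifest V2 puts host patterns in "permissions"; V3 uses "host_permissions".
    if (declared | set(manifest.get("host_permissions", []))) & ALL_SITES:
        findings.add("host access to every site")
    for script in manifest.get("content_scripts", []):
        if ALL_SITES & set(script.get("matches", [])):
            findings.add("content script on every site (keystroke capture, injection)")
    return sorted(findings)

def audit_profile(extensions_dir):
    """Audit each <id>/<version>/manifest.json under a profile's Extensions folder."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest, skip it
        findings = audit_manifest(manifest)
        if findings:
            report[path.parent.parent.name] = findings  # keyed by extension ID folder
    return report

# Constructed sample manifest, not a real extension.
SAMPLE = {
    "manifest_version": 3,
    "permissions": ["storage", "clipboardRead", "clipboardWrite", "cookies"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["https://*/*"], "js": ["content.js"]}],
}

if __name__ == "__main__":
    print(audit_manifest(SAMPLE))
```

A finding is not proof of malice, since many legitimate extensions request broad access; it marks the plugins whose developer and reviews deserve a closer look before they share a profile with a logged-in financial account.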

Binance Security Bounty Program

In March 2019, Binance launched the "White Hat Operation" security bounty program to reward all community users for actively reporting potential security risks and raising awareness of potential threats. This security program has proven to be one of the important safeguards for Binance's system security. Root cause analysis of the discovered risks helps us avoid such risks in other existing products or products under development, and improve Binance's risk control and security measures.

Binance always adheres to the principle of "user first" and is committed to ensuring the security of platform users' assets. Risk control and security are long-term offensive and defensive battles for trading platforms, which require stable, large and long-term investment. As an industry leader, Binance will continue to build and improve security lines to protect the security of user assets through practical actions.
