A Chinese trader claimed that Binance ignored "very unusual transactions" and failed to freeze funds belonging to "obvious hackers", leading to the loss of 100 million yen in savings through a Google Ads plugin.
The trader, known on social media under the nickname "CryptoNakamao," used the Aggr plugin to access trading data. But in practice, the hackers managed to find a way to bypass password protection and 2-factor authentication (2FA) to access the #Binance account.
After gaining access to the account, the hackers bought several tokens on the highly liquid #tether trading pair and placed sell orders on #bitcoin , USD Coin and other less liquid trading pairs.
The hackers are then able to open leveraged positions, buy excessively large lots and cross trades despite being unable to withdraw funds directly.
The trader says he noticed erratic trading on his account at 5:24 a. m. , but by the time he contacted Binance, the funds had already been withdrawn.
'Throughout the process, the response from Binance staff was very slow and did not help users recover their losses,' X (formerly Twitter) wrote on its website.
Seeing that the exchange hijacking had completely failed, I enlisted the help of a security company to see if it was possible to block the hacker.
CryptoNakamao's investigation claims that not only has Binance been aware of the nature of the plugin and experiment for a long time, but that it had received complaints and "tracked down the hacker's address at least 3-4 weeks ago. ""
However, the company has taken no action.
Speaking to site X (formerly Twitter), CryptoNakamao said::
"Binance was aware of the problems with hackers and plugins, but did nothing for weeks, so we were able to continue to move forward, resulting in huge financial losses.
The hackers manipulated the account for over 1 hour and conducted very unusual transactions on some currency pairs with no risk management. "
Read us at: Compass Investments