One million dollars were withdrawn from a user's Binance account, managing to evade standard security measures established on the exchange, such as passwords and two-factor authentication (2FA).
According to the story told in X by the platform user identified as Nakamao, the hackers stole his funds, managing to evade all the verification methods used. A situation during which “I did not receive any security reminder from Binance,” as the Chinese trader explains.
Nakamao assures that when he realized that they were operating from his account, without his authorization, he contacted the platform's security team, but the response was not satisfactory.
After realizing that my account had been stolen, I contacted customer service immediately, but during the process, the hacker continued to operate my account. It stands to reason that the hacker's funds should still remain on the platform, but the response I received from Binance was that the hacker safely withdrew all of his funds from Binance.
Nakamao, Binance user.
In his story, Nakamao complains that Binance took more than a day to notify the Kucoin and Gate exchanges to freeze the money stolen and transferred by the hackers. In that sense, he does not indicate which cryptocurrencies were involved in the theft.
«I am a loyal Binance user and have been trading for many years. This really disappointed me. “Is this really trying to help users recover their funds?,” she expressed. In this regard, CriptoNoticias requested comments from the Binance team and is awaiting a response.
The investor adds that, through a cybersecurity team that he consulted, he monitored the movement of the funds extracted from his account and that is how he learned that the theft had to do with a false version of the Chrome plugin identified as Aggr. It works by manipulating data from cookies stored by the websites that users visit on the Internet .
According to reports from cybersecurity experts, the malicious plugin was first discovered last March by Binance trader doomxbt, after a loss of USD 70,000 due to suspicious activity . The fake app collects all cookies, allowing hackers to reconstruct passwords and keys, especially for Binance accounts.
Therefore, the recommendation to users is to avoid downloading and using unverified third-party plugins , especially those promoted by influential people (known as key opinion leaders or KOLs). This, taking into account that hackers are using social networks to encourage downloads of malicious software.
This is a situation that, in Nakamao's opinion, is known to the exchange. Hence, in his post he extends his complaint about Binance's lack of information about the malicious plugin and about the recommendations made by the KOLs.
This case was taken into account by the Binance team to make recommendations (although the user is not directly cited). In a security announcement published on X this June 3, the platform reiterates the advice of not installing browser add-ons , as a measure to protect accounts.
We recommend all users take the following security measures: Only install the official Binance app or use a clean web browser, without any third-party plugins, to access the official Binance website. Please log out of the Binance website after using it.
Binance message on X.
As this medium has reported in several of its publications, among the security measures that are recommended to avoid these thefts is also not using exchanges to store cryptocurrencies, especially if they are amounts like those that this user kept on the platform.
