TL;DR
- A Chinese trader lost $1 million on Binance due to a hack related to the Chrome plugin “Aggr”.
- Despite having two-factor authentication enabled, the hacker accessed the trader’s account using cookies and active login sessions.
- Although Binance was aware of the malicious plugin, it did not implement adequate security measures or take action to stop the fraud.
A Chinese trader suffered a devastating loss of $1 million on Binance due to a hack involving the use of a Google Chrome plugin called Aggr. The incident has raised concerns about the security of funds on the renowned crypto platform.
CryptoNakamao, the affected trader, shared his experience in which his Binance account started making random trades on May 24. Although two-factor authentication (2FA) was enabled, the hacker managed to access his account using cookies and active login sessions. Through a process of cross-trading, the thief was able to steal almost all of Nakamao’s account funds.
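I became the victim of an undercover operative in the crypto world, and the $1 million in my Binance account went up in smoke
Even now I am still completely stunned; this was almost all of my savings from the past few years.… pic.twitter.com/sSNUTXFZsc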
— Nakamao🫡 (@CryptoNakamao) June 3, 2024
The trader expressed dismay upon discovering that his assets had been wiped out in this manner, describing it as a loss representing most of his savings from several years. He revealed that he did not notice the fraudulent trades until he opened the Binance app to check Bitcoin’s price.
The method used to carry out the theft involved accessing the trader’s browser cookie data through a Chrome plugin called ‘Aggr’. Once installed, this malicious plugin allowed the hacker to initiate active user sessions without the need for a password or additional authentication.
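One way to check installed extensions for this kind of access, as an added example that is not from the article or from Binance: it flags extension manifests that request Chrome's `cookies` API permission together with a host pattern covering the exchange's domain. The manifests below are constructed samples, and the assumption that the plugin used the `cookies` API is not confirmed by the article.

```python
import json

# Constructed sample manifests (not taken from the real "Aggr" plugin).
SAMPLE_MANIFESTS = {
    "price-widget": '{"manifest_version": 3, "permissions": ["cookies", "storage"],'
                    ' "host_permissions": ["*://*.binance.com/*"]}',
    "legacy-helper": '{"manifest_version": 2, "permissions": ["cookies", "<all_urls>"]}',
    "dark-theme": '{"manifest_version": 3, "permissions": ["storage"],'
                  ' "host_permissions": ["*://*.binance.com/*"]}',
    "tab-counter": '{"manifest_version": 3, "permissions": ["cookies"],'
                   ' "host_permissions": ["https://example.org/*"]}',
}

def pattern_covers_host(pattern, host):
    """Return True if a Chrome match pattern covers the given hostname."""
    if pattern == "<all_urls>":
        return True
    if "://" not in pattern:
        return False  # an API permission name such as "cookies", not a host pattern
    host_part = pattern.split("://", 1)[1].split("/", 1)[0]
    if host_part == "*":
        return True
    if host_part.startswith("*."):
        base = host_part[2:]
        return host == base or host.endswith("." + base)
    return host == host_part

def has_cookie_access(manifest_text, host):
    """True if the manifest grants the cookies API for `host`.

    Manifest V2 lists host patterns inside "permissions";
    Manifest V3 lists them in "host_permissions". Both are checked.
    """
    manifest = json.loads(manifest_text)
    permissions = manifest.get("permissions", [])
    if "cookies" not in permissions:
        return False
    patterns = permissions + manifest.get("host_permissions", [])
    return any(isinstance(p, str) and pattern_covers_host(p, host) for p in patterns)

def audit(manifests, host):
    """Return the sorted names of extensions able to read cookies for `host`."""
    return sorted(n for n, text in manifests.items() if has_cookie_access(text, host))

if __name__ == "__main__":
    print(audit(SAMPLE_MANIFESTS, "www.binance.com"))
```

An extension flagged here can read session cookies for the site, which is why 2FA at login does not protect an already authenticated session.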
Binance's Ineffective Response
The thief(s) took advantage of these active sessions to execute multiple leveraged trades, manipulating the price of low-liquidity pairs and profiting from these manipulations. Despite the unusual trading activity and the relevant complaints it received from the affected trader, Binance did not implement critical security measures or take action to stop the fraudulent behavior.
Although Binance was aware of the fraudulent plugin and had initiated an internal investigation, it did not notify traders or implement measures to prevent similar incidents in the future. Only recently did it make a statement via Twitter, alerting users and providing some tips to avoid falling victim to this type of fraud.
Security Public Service Announcement
While there has been no security breach on the Binance platform, we want the community to always stay vigilant. Avoid installing browser plugins as malicious plugins can steal your data and comprise your account security.
We recommend all…
— Binance (@binance) June 3, 2024
The affected trader expressed disappointment with Binance's response, especially because the platform took over a day to notify other exchanges, such as Kucoin and Gate, to freeze the funds transferred by the hacker. Although the trader acknowledged the professionalism of certain members of the platform's support team, he remains concerned about the security of users' funds and warns other investors about the risks of using centralized exchanges and hackable plugins.