Binance User Lost $1 Million to Crypto Hack via Chrome Plugin

As an analyst with extensive experience in the cryptocurrency market and cybersecurity, I find Nakamao’s story to be both alarming and unfortunate. The fact that a user could lose such a significant amount of funds despite following all required security procedures is concerning.

As a researcher, I’ve come across reports of a significant loss for a Binance user based in China. This unfortunate individual is said to have misplaced approximately one million dollars’ worth of cryptocurrency assets within their Binance account.

Nakamao, a user on X, revealed that they had clandestinely taken all the funds from their crypto account.

Nakamao stated that he had implemented all necessary security measures on his Binance account. Remarkably, the intruder managed to empty the account using a technique called “counter-trading,” without obtaining the password or enabling two-factor authentication (2FA) for it.

On May 24, Nakamao became aware of unusual trading activities in his Binance account. A skilled hacker manipulated the situation by seizing control over Nakamao’s web cookies, granting them the power to carry out significant trades involving pairs that had generous liquidity. At the same time, they placed limited sell orders at artificially inflated prices on pairs with restricted liquidity. This deceptive scheme allowed the hacker to reap substantial profits without triggering any security alerts from Binance.

As a crypto investor, I was shocked when I discovered that my funds had been drained from my Nakamoto account on Binance. Despite reaching out to customer support immediately upon noticing the unauthorized transaction, the hacker had managed to bypass security measures and make off with all of my hard-earned digital assets undetected.

I was deeply disappointed with Binance’s lack of action and inadequate risk management measures during the recent hacking incident. The arbitrage activities of the attacker were glaringly apparent yet went unchecked.

Upon further examination, I discovered that the Aggr Chrome extension, which I had unfortunately installed based on the recommendation of a foreign influencer KOL, played a pivotal role in facilitating the attack. The hacker exploited this plugin to gain access to my cookies, enabling them to take control of ongoing user sessions without the need for two-factor authentication or passwords.

A recent event represents one of the initial occurrences in which a hacker exclusively used a Chrome extension to pilfer funds. Notably, the same tool was previously utilized in another instance of Binance account robbery on March 1st. Nakamao’s encounter serves as a reminder of the potential dangers linked to employing Chrome Web plugins.

As an analyst, I would point out that Nakamao criticized Binance for insufficient risk management controls against the theft, despite the thief’s overt transactions being evident. He emphasized the exchange’s tardiness in halting the hacker’s funds on other platforms and urged Binance to strengthen their security protocols.

Read More

2024-06-03 19:32