简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:A Chinese trader fell prey to a sophisticated hacking scam on Binance, losing $1 million after hackers exploited a deceptive Chrome plugin, Aggr, to bypass security measures, execute leveraged trades, and manipulate low liquidity trading pairs, raising questions about Binance's security protocols and responsibility for compensating such losses.
A significant financial loss has befallen a Chinese trader, totalling $1 million, due to a deceitful scheme involving a promotional Google Chrome extension named Aggr.
The plugin, Aggr, reportedly extracted cookies from users, granting hackers access to bypass password and two-factor authentication (2FA) protocols, thus breaching the traders Binance account.
The incident, narrated by the trader under the pseudonym CryptoNakamao on the social media platform X, transpired on May 24. Upon checking the Bitcoin price through the Binance app, the trader detected peculiar trading activities within their account. Regrettably, by the time they sought assistance, the entirety of their funds had been withdrawn by the hacker.
The trader disclosed that the hackers infiltrated his web browsers cookie data through the Aggr Chrome extension. Initially installed for gaining insights from notable traders, the trader remained oblivious to its covert function of pilfering browsing data and cookies. Leveraging the stolen cookies, the hackers seized active user sessions, circumventing the necessity for passwords or authentication. This enabled them to execute numerous leveraged trades and exploit low liquidity trading pairs for profit.
Despite the hindrance of 2FA preventing direct fund withdrawals, the hackers utilized the cookies and active login sessions to engage in trading activities. Employing high liquidity tokens in the Tether (USDT) trading pair, the hackers placed limit sell orders at inflated prices across Bitcoin (BTC), USD Coin (USDC), and other trading pairs with low liquidity. Subsequently, they initiated leveraged positions, acquiring substantial amounts, and executed cross-trading manoeuvres, a tactic involving the offsetting of buy and sell orders for the same asset without recording the transaction on the exchange.
The trader levelled accusations against Binance, alleging a deficiency in implementing requisite security measures, especially considering the abnormal trading activities observed. Furthermore, the trader asserted that despite reporting the issue promptly, Binance failed to take timely action. According to the trader, Binance was already cognizant of the fraudulent nature of the plugin, yet failed to notify users or enact preventative measures.
In response, Yi He, co-founder of Binance, refuted CryptoNakamao‘s claims, attributing the account breach to the compromised state of the user’s own computer. Yi He clarified on social media that following the hack, the hacker was unable to withdraw funds, resulting in trading losses upon the sale of the victims coins.
Expressing sympathy for the trader's ordeal, Binance reiterated its stance, indicating that the cause of asset loss stemmed from the manipulation of the traders devices due to the installation of malicious plugins. Consequently, Binance disclaimed responsibility for compensating such instances unrelated to its platform.
Disagreeing with Binances assessment, Nakamao contended that the exchange had prior knowledge of the malicious plugin and had even encouraged a key opinion leader (KOL) to gather intelligence from the hacker.
In a cautionary note, Yi He advised users against logging into accounts with active cookie plugins to avert the inconvenience of repeated password entries. She emphasized Binances inability to provide compensation in instances of compromised login devices.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
Malaysian authorities are actively pursuing seven individuals linked to the Gigamax investment scam, which has defrauded investors of over RM7 million. The suspects include an Indonesian national, identified as Awaludin, who is believed to be the mastermind behind the scheme, and six Malaysians who served as promoters and speakers for the fraudulent operation.
Thai authorities have apprehended a 32-year-old Singaporean man suspected of being part of a transnational syndicate involved in cryptocurrency scams. The group is accused of defrauding victims of more than 22.4 million baht (S$886,000) through a fraudulent trading platform.
Kraken and BitGo will oversee the first FTX payouts starting January 3, 2025. 98% of creditors receive at least 118% of their claims in cash.
UK FCA seeks public feedback on crypto rules to improve market transparency, protect consumers, and support growth. Comments are open until March 2025.