Trader Suffers Massive Loss in Binance Hacking Scam through Chrome Plugin Breach
A Chinese trader recently became a victim of an advanced hacking scam, resulting in the loss of $1 million. The incident occurred due to a compromised Google Chrome plugin that gained unauthorized access to the trader’s Binance account.
The plugin, known as Aggr, stole cookies from the trader, allowing the hackers to bypass security measures and gain control of the Binance account. As a result, the trader experienced a significant financial setback.
The attack, facilitated by the Google Chrome plugin, targeted the trader’s Binance account. Reports reveal that the trader, who goes by the username CryptoNakamao on X, shared the details of the incident on the platform.
On May 24, CryptoNakamao noticed suspicious trades on their Binance account and realized the severity of the situation after checking the Bitcoin price on the Binance app. However, by the time they sought assistance from Binance, the hacker had already withdrawn all the funds.
The hackers were able to exploit the stolen cookie data obtained through the malicious Aggr plugin. The trader had installed this plugin to access data from prominent traders, unaware of its nefarious intentions. With the stolen data, the hackers hijacked active user sessions without requiring a password or authentication.
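A defender-side check for the session-cookie theft described above, as an added example that is not part of the original article: it scans a Chrome profile's `Extensions` directory and lists extensions whose manifest combines the `cookies` permission with host access covering a given domain. The function names and sample manifests are constructed for illustration, and because the article does not say how Aggr read the cookies, the `chrome.cookies` API path is an assumption.

```python
import json
from pathlib import Path

def pattern_covers(pattern, domain):
    """True if a Chrome match pattern applies to `domain` or one of its subdomains."""
    if pattern == "<all_urls>":
        return True
    if "://" not in pattern:
        return False  # an API permission name such as "storage", not a host pattern
    host = pattern.split("://", 1)[1].split("/", 1)[0].split(":")[0]
    if host == "*":
        return True
    if host.startswith("*."):
        base = host[2:]
        return domain == base or domain.endswith("." + base) or base.endswith("." + domain)
    return host == domain or host.endswith("." + domain)

def audit_manifest(manifest, domain):
    """Return the host patterns that give cookie-API access to `domain` (empty if none)."""
    # Manifest V2 mixes host patterns into "permissions"; V3 uses "host_permissions".
    perms = manifest.get("permissions", []) + manifest.get("optional_permissions", [])
    hosts = (perms + manifest.get("host_permissions", [])
             + manifest.get("optional_host_permissions", []))
    if "cookies" not in perms:
        return []
    return sorted({p for p in hosts if isinstance(p, str) and pattern_covers(p, domain)})

def scan_extensions(ext_root, domain):
    """Map extension ID -> matching host patterns for <ext_root>/<id>/<version>/manifest.json."""
    findings = {}
    for mf in Path(ext_root).glob("*/*/manifest.json"):
        try:
            manifest = json.loads(mf.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        hits = audit_manifest(manifest, domain)
        if hits:
            findings[mf.parent.parent.name] = hits
    return findings

if __name__ == "__main__":
    # Constructed sample manifests (not taken from any real extension).
    samples = {
        "mv3-broad": {"permissions": ["cookies", "storage"], "host_permissions": ["<all_urls>"]},
        "mv2-scoped": {"permissions": ["cookies", "*://*.example.org/*"]},
    }
    for name, manifest in samples.items():
        print(name, audit_manifest(manifest, "binance.com"))
```

A hit means the extension is able to read session cookies for that domain through the `chrome.cookies` API, not that it does so. Extensions can also read non-HttpOnly cookies from content scripts, which this check does not cover.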
The hackers executed leveraged trades to manipulate the prices of low-liquidity pairs and profit from their actions. Despite the trader having two-factor authentication (2FA) protections in place, the hackers used the stolen cookies to cross-trade. They purchased various tokens in the highly liquid Tether trading pair and placed limit sell orders above the market price in Bitcoin, USD Coin, and other low-liquidity trading pairs. By opening leveraged positions and buying large quantities, they completed cross-trading without leaving any trace on the exchange.
CryptoNakamao criticized Binance for their lack of necessary security measures, especially considering the unusually high trading activity. They also expressed frustration at Binance’s failure to take appropriate action despite timely complaints.
During the investigation, CryptoNakamao discovered that Binance was already aware of the fraudulent plugin and was conducting an internal investigation. However, the exchange allegedly did not inform traders or take preventative measures against the scam, even though they had knowledge of the hacker’s address and the nature of the attack.
This incident adds to the growing trend of crypto heists. Just recently, Japanese Bitcoin exchange DMM suffered a major security breach, resulting in the loss of 4,502.9 bitcoins valued at 48.2 billion yen (USD 305 million). DMM assured its customers that their Bitcoin deposits would be fully guaranteed, with plans to procure the equivalent amount of lost BTC with the help of partner companies. This hack ranks among the largest exchange breaches in terms of fiat value, comparable to the Mt. Gox hack in 2014 and the CoinCheck hack in 2018.
Furthermore, a recent investigation by blockchain expert ZachXBT revealed that the creators of the Solana-based memecoin CAT hacked the Twitter account of crypto influencer Gigantic-Cassocked-Rebirth (GCR) to manipulate cryptocurrency prices. The hackers used GCR’s account to promote ORDI and Luna 2.0 tokens, causing significant price spikes. It was discovered that the CAT team, who controlled over 63% of the token supply, sold $5 million worth of CAT and used the profits for trading on Hyperliquid. The attackers also opened substantial positions on ORDI and Ether.fi (ETHFI), making a profit of $34,000 from ORDI but losing $3,500 on ETHFI.