Close this search box.

Chinese Trader Loses $1 Million: Hackers Exploit Chrome Plugin from Binance Accounts

Chinese Trader Loses $1 Million in Hacking Scam Involving Aggr Google Chrome Plugin.
binance hacking scam

On May 24th, a user known as CryptoNakamao on platform X reported that hackers had stolen nearly all the funds from his account, totaling $1 million. The attack was carried out using malicious software.

The malware originated from a Google Chrome plugin called Aggr. CryptoNakamao installed this plugin after seeing it promoted by several influencers on social media.

Once installed, the hackers used the malware to collect the victim’s cookies. These cookies were then used to bypass password and two-factor authentication (2FA), allowing the hackers to log into the victim’s Binance account and drain all the funds.

“I became a victim of a malware attack, and $1 million in my Binance account was wiped out,” said the user.
“I was hacked because of this plugin while it was being widely promoted.”
“The specific way this malicious plugin works is as follows: If you install and use the malicious plugin, hackers can collect your cookies and send them to the hacker’s server. The hackers can then use the collected cookies to hijack user sessions (pretending to be that user). As a result, hackers don’t need your password or 2FA to control your account.”

CryptoNakamao also criticized Binance employees for their “very slow response and lack of help in recovering any losses.” He believes that Binance had known about the plugin’s existence for a long time and had even traced the hacker’s address at least 3 or 4 weeks prior. They had also obtained the name and link to the plugin from influencers. Despite this, according to him, Binance failed to issue a timely warning about the plugin, leading to him becoming a victim.

According to Wu Blockchain, another Binance user reported a similar theft on March 1, using the same method. Binance has not yet commented on this incident.

Regardless of the outcome, this incident serves as an expensive lesson for everyone. Users must exercise caution before installing any plugins or software. It’s crucial to thoroughly verify that the application is safe before installation.


New Post

Read more

Bitcoin ETFs see record inflows in July, signaling strong investor sentiment and driving Bitcoin, Ethereum, and altcoins higher.
Mastercard integrates its API with Alchemy Pay to enhance security for crypto solutions, reducing fraud with advanced machine learning and boosting user protection.
Some firms have proposed business practices that the SEC agrees could exempt them from controversial crypto accounting guidance, according to an SEC source.