Several Binance users have reported losing millions of dollars due to account hacks in a distressing development for the cryptocurrency community. The news came to light when Chinese cryptocurrency journalist Colin Wu tweeted about a series of hacks that have affected users of the platform.Wu’s tweet highlighted the case of a Chinese user who lost $1 million after downloading a Google plugin promoted by Key Opinion Leaders (KOLs) called Aggr. The attack occurred on May 24 and was facilitated through cross-trading, a technique where hackers exploit hijacked cookies to bypass password and two-factor authentication (2FA) verification.Breaking: Your Binance account may have been compromised due to downloading the KOL-promoted Google plugin Aggr. A Chinese user used this plug-in, which resulted in $1 million being stolen through cross-trading on May 24th. Another Binance user had his funds stolen on March 1.…Another Binance user experienced a similar fate on March 1, suffering significant financial loss. The hackers used the same method of hijacked cookies to gain access to the victim’s account, indicating a well-coordinated and persistent attack strategy.One of the victims, known as Nakamao, shared his harrowing experience on X, revealing the emotional and financial toll of the incident. He recounted that he became a victim of an undercover agent in the crypto circle, and $1 million in his Binance account was wiped out.我成了币圈卧底的牺牲品,币安账户里100万美元灰飞烟灭直到现在我整个人还是懵的,这几乎是我这几年全部的积蓄。… pic.twitter.com/sSNUTXFZscNakamao’s investigation, conducted in collaboration with a security company, uncovered alarming details. He realized that he had fallen victim to an elaborate scheme involving an undercover agent in the community. Nakamao’s account of the incident also raised serious concerns about Binance’s response and security measures. He noted several critical points in the timeline of events.For instance, Binance was reportedly aware of the hacker and the compromised plugin for weeks but did not take immediate action, allowing further financial losses. Despite recognizing the theft and abnormal cross-trading activities, Nakamao says that Binance failed to implement adequate risk controls, allowing hackers to manipulate accounts for over an hour.According to the user, Binance did not promptly freeze the hacker’s account, missing the opportunity to prevent further unauthorized transactions. Nakamao further revealed that it took Binance more than a day to contact relevant platforms to freeze transactions, further delaying the mitigation of losses.These revelations have sparked a wave of concern and criticism within the cryptocurrency community, with many users questioning the platform’s ability to safeguard their assets. The incidents show the importance of heightened security measures and prompt action in the face of emerging threats.
