News

Hackers use a Chrome Plugin to access Binance Accounts and Steal Millions of Dollars

single-image

By stealing users’ cookies, the promotional plugin allows hackers to access the victim’s Binance account without requiring a password or two-factor authentication.

Stay in the know on crypto by frequently visiting Crypto News Today

A hacking scam utilizing the promotional Aggr Google Chrome plugin cost a Chinese trader $1 million. Users’ cookies are stolen by the promotional plugin, which hackers then use to access the victim’s Binance account by avoiding password and two-factor authentication (2FA) verification.

CryptoCaster Quick Check:

A trader shared their story of losing their life savings to an unforeseen scam on X. The trader, who goes by the X username CryptoNakamao, claimed that they were unaware of their account’s arbitrary trading until they opened the Binance app to check the Bitcoin on May 24.

The hacker had taken all of the money out by the time he went to Binance for help.

Hacker stole cookie data for cross-trading on Binance.

The trader stated that the hackers had obtained his browser’s cookie information by using the Aggr Chrome plugin. After installing the plugin in order to access notable trader data, the trader discovered that malicious software had been developed to steal cookies and browsing history from users.

Advertisement

The hacker then carried out numerous leveraged trades to drive up the price of low liquidity pairs and profit from them by using the cookies he had collected to take over active user sessions without a password or authentication.

The trader clarified that despite 2FA preventing direct fund withdrawals, the hacker was still able to profit from cross-trading by using cookies and active login sessions.

According to the trader, the hacker purchased multiple tokens in the highly liquid Tether USDT trading pair and put limit sell orders in other trading pairs with limited liquidity, such as Bitcoin, USD Coin, and others, that were higher than the market price.

Ultimately, the hacker initiated leveraged positions, made a sizable excess purchase, and finished the cross-trading. When buy and sell orders for the same asset are offset without the trade being recorded on the exchange, this is known as a cross trade.

Trader blames Binance

The trader alleges that even with abnormally high trading activity, Binance failed to put in place necessary security measures. Moreover, they added, the exchange did not act to halt it even after receiving timely complaints.

Advertisement

The trader found out during their investigation that Binance had already started an internal investigation and had been aware of the fraudulent plugin for some time. The trader claimed that even though Binance was aware of the hacker’s address and the specifics of the plugin scam, it did not notify the traders or take any action to stop the fraud. The merchant penned:

“Binance did nothing even though it knew of the theft and frequent cross-trading. Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account in the platform on time.”


CryptoCaster™ steadfastly upholds its dedication to keeping our global audience well-informed about the ongoing adoption of blockchain technology, as well as the latest hurdles emerging from government-controlled fiat financial systems, banking conglomerates, and other major institutional entities. Our commitment extends to providing comprehensive updates and insights into how these developments affect the broader landscape of digital currencies, the potential regulatory impacts on blockchain innovations, and the evolving dynamics between traditional financial institutions and emerging cryptocurrency markets. By staying at the forefront of these critical issues, CryptoCaster™ aims to empower our audience with the knowledge needed to navigate the complex interplay of technology, regulation, and finance in the modern world. CRYPTOCASTER® - DECENTRALIZED FREEDOM! 

We hope you appreciated this article. Before you move on, I was hoping you would consider taking the step of supporting CryptoCaster’s journalism. 

From  Elon Musk, Larry Fink(BlackRock) to Jamie Dimon(JP Morgan Chase) a number of billionaire owners have a powerful hold on so much of the hidden agendas’ which eludes the public concerning the paradigm shift juxtaposed by cryptocurrency and web3 emerging technologies. CryptoCaster is different. We have no billionaire owner or shareholders to consider. Our journalistic efforts are produced to serve the public interest in crypto development and institutional disruptions – not profit motives.

And we avoid the trap that befalls much U.S. and global media – the tendency, born of a desire to please all sides, to engage in false equivalence in the name of neutrality and retail consumer protection. While fairness and transparency dictates everything we do, we know there is a right and a wrong position in the fight against fiat global banking interest and monetary reconstruction precipitated by the emerging crypto ecology.

When we report on issues like the FTX, Binance and Ripple crisis, we’re not afraid to name who or what is uncovered. And as a crypto sentinel, we’re able to provide a fresh, outsider perspective on the global monetary disruption – one so often missing from the insular American and European media bubble. 

Around the world, readers can access the CryptoCaster’s paywall-free journalism because of our unique reader-supported model. That’s because of people like you. Our readers keep us independent, beholden to no outside influence and accessible to everyone – whether they can afford to pay for news and information, or not.

We thankyou for the on-going support our readers have bestowed monetarily. If you have not considered supporting CryptoCaster, if you can, please consider supporting us just once from $1 or more of Bitcoin (satoshi) or Eth, and better yet, support us every month with a little more. Scroll further down this page to obtain CryptoCaster’s wallet addresses.

Thank you.

Kristin Steinbeck
Editor, CryptoCaster


Please Read Essential Disclaimer Information Here.
© 2024 Crypto Caster provides information. CryptoCaster.world does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.


Contribute to CryptoCaster℠ Via Metamask or favorite wallet. Send Coin/Token to Addresses Provided Below.
Thank you!
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
MATIC – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
LITECOIN – ltc1qxsgp5fykl0007hnwgl93zr9vngwd2jxwlddvqt


CRYPTOCASTER HEATMAP


You may also like