A Chinese trader fell victim to a hacking scam, losing $1 million through a promotional Google Chrome plugin named Aggr.

This malicious plugin steals cookies from users, enabling hackers to bypass both passwords and two-factor authentication (2FA) to access the victim’s Binance account.

Binance Account Compromised Through Stolen Cookies

The trader, known by the username CryptoNakamao on the social media platform X, recounted the devastating event that transpired on May 24. CryptoNakamao noticed random trading activities in his Binance account when he checked the Bitcoin price through the Binance app. By the time he sought assistance, the hacker had already withdrawn all his funds. 

According to the trader, the hackers exploited his browser cookie data, which they had obtained through the Aggr Chrome plugin. Initially installed to access data from prominent traders, the plugin was actually designed to steal users’ web browsing data and cookies. The stolen cookies allowed the hackers to hijack active user sessions without needing passwords or authentication, executing multiple leveraged trades to manipulate prices of low liquidity pairs for profit.

Despite the hacker being unable to withdraw funds directly due to 2FA, they leveraged the cookies and active login sessions to execute cross-trading. The trader detailed how the hacker purchased several tokens in the Tether trading pair with high liquidity and placed limit sell orders above the market price in Bitcoin, USD Coin, and other pairs with low liquidity.

By opening leveraged positions and buying excess amounts, the hacker successfully completed the cross-trading, which involves offsetting buy and sell orders for the same asset without recording the trade on the exchange.

hack

CryptoNakamao Blames Binance for Inaction

CryptoNakamao accused Binance of failing to implement essential security measures despite unusually high trading activity. He claimed that even after timely complaints, the exchange did not take action to stop the fraudulent activities. His investigation revealed that Binance was aware of the fraudulent plugin and was already conducting an internal investigation. Despite this, Binance allegedly failed to inform traders or take preventive measures against the fraud. 

The trader expressed frustration, stating, “Binance did nothing even though it knew of the theft and frequent cross-trading. Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account on the platform on time.”

Binance Denies Security Breach

Yi He, co-founder of Binance, dismissed claims that the platform’s security breach led to the loss of $1 million from a single user account. On June 3, Yi He clarified, “This user’s account was breached because their own computer was hacked; they are a lost cause. After the hack, the hacker could not withdraw funds, so the hacker sold the victim’s coins, leading to trading losses.”

CryptoNakamao responded, alleging that his entire account balance was lost through “counter-trading” without the hacker obtaining his Binance account password or 2FA instructions. He explained that the hacker manipulated his account by holding his web cookies hostage, buying corresponding tokens in the USDT trading pair with high liquidity, and placing limit sell orders above the market price in BTC, USDC, and other pairs with low liquidity.

Yi He further warned users about the risks of logging into accounts with active cookie plugins to avoid the minor inconvenience of typing passwords for each login. She stated, “Binance is not able to compensate users when their own login devices are compromised.”

He, a former Chinese TV host, is currently one of the two women leading the world’s largest crypto exchanges, alongside Bitget’s CEO, Gracy Chen. In April, she remarked that her spouse, Binance’s co-founder and former CEO, Changpeng Zhao, received the “most optimal outcome” in his United States sentencing on money laundering charges.

Pedro Augusto

LinkedIn Twitter WhatsApp

Pedro Augusto is a financial writer and editor fluent in Portuguese and English, specializing in finance, economics, and investments. He holds degrees in Mechanical Engineering and Financial Management. Pedro is a financial analyst for stocks, ETFs, and macroeconomics on Seeking Alpha, a seasoned translator in the Forex market for companies like OctaFX and FBS, and experienced in localizing content for the currency exchange and international remittances market, notably for the Remitly startup. Additionally, he's a skilled writer and translator in the cryptocurrency and blockchain sector, working with firms like Phemex and Coinpanda.

Related Posts

Author by
Treasure Samuel
Author by
Lucky Ebosele
Author by
Lele Jima

sidebar