Binance co-founder Yi He denied the exchange’s responsibility for a security breach that resulted in a client losing $1 million.
“Look closely: this user’s account was hacked because their own computer was attacked. After the hack, the hacker couldn’t withdraw funds, so they sold the victim’s coins, leading to trading losses,” she stated.
On June 3, it was reported that a hacker gained control of a Chinese trader’s Binance account without having the password or access to two-factor authentication. After a series of trades, they withdrew assets worth $1 million.
According to security experts, the perpetrator intercepted the user’s session via a malicious Chrome browser plugin called AggrTrade using cookies.
During the attack, the investor did not receive any alerts from Binance’s security system. The trader also noted a slow response from support staff.
In response, Binance’s customer service informed the user that during the incident, “the hacker stole the login status of your account through the plugin and impersonated you to perform operations and transactions.”
用户您好,对于您的遭遇我们非常遗憾,在客服、安全和风控的同事经过案件分析,本着“公开透明”的原则在此复原场景:
1. 事件发生的原因是您的电脑本身被黑客攻破… https://t.co/ir75ThfkR0
— 币安Binance华语|Web3钱包已上线 (@binancezh) June 3, 2024
According to the exchange, security staff processed the trader’s request to freeze their account within “one minute and 19 seconds” of receiving it. However, by that time, the hacker had already completed several leveraged trades on the compromised account:
“We sympathize with your situation, but based on the information we have received so far, the reason for your asset loss is that your respective devices were manipulated due to the installation of malicious plugins. Unfortunately, we cannot compensate for such cases unrelated to Binance.”
The victim disagreed with this assessment, suggesting that the company “had long been aware of the malicious plugin,” and also linked the perpetrator’s address to other cybercrimes “three to four weeks ago.”
In November 2023, Poloniex lost nearly $125 million in cryptocurrencies due to an attack. The exchange’s owner, Justin Sun, reported the “successful identification and freezing of some assets linked to the hacker’s addresses.”
Later, the entrepreneur offered the hacker a $10 million reward for returning the stolen assets. However, in May 2024, the criminal moved the funds to the Tornado Cash mixer.