The cryptocurrency exchange Binance has added настраиваемые ограничения торговли NFT on its marketplace after a recent incident in which a user lost $200,000.
Customers can now set limits on the purchase and listing of non-fungible tokens on Binance NFT. According to the developers, the limits will help protect customer accounts from phishing malware.
Among the configurable options are a total daily purchase limit and a total asset-listing limit. To confirm the settings, a user must pass two-factor authentication. Limits can be changed no more than three times per day.
Recently, one Binance user named Anton became a victim of attackers who stole $200,000 in cryptocurrency from him.
“Under the guise of an app advertisement they sent me a trojan. I opened it foolishly. After that the attackers gained access to my active session on the exchange,” the victim told ForkLog in a comment.
Data: screenshot of the transaction history in the victim’s account.
The hackers transferred all cryptocurrency on his balance into the stablecoin BUSD, and then purchased two NFTs on the Binance marketplace from his account for $193,000 and $4,700. The actual value of the tokens did not exceed 10 BUSD.
Subsequently, the NFT proceeds were withdrawn from the exchange.
😵😵😵The hackers have stolen all my funds from #Binance by buying NFTs for $200,000!!!
I caught a trojan. Then the hackers bought 2 NFTs from themselves for 193k and 4,7k BUSD.
2FA is not required to perform operations on #BinanceNFT!!@binance @cz_binance fix the vulnerability. pic.twitter.com/D0zWmaKRJN— CRYPTOANTONY (@bi_opt) August 23, 2021
In the victim’s view, the fact that the Binance NFT marketplace uses the same account system as the main exchange played into the attackers’ hands.
He has already filed a police report regarding the theft of funds by an unknown person. On August 19, investigators opened a criminal case. ForkLog’s editors have reviewed the document.
Binance representatives told ForkLog in a statement that they promptly provided the client with support and full guidance for further action. They added that they are aware of the incident, regret what happened, and are working on introducing additional layers of security.
“We always recommend downloading apps and software only from reliable official sources and avoiding clicking on links or using software sent by unfamiliar, suspicious individuals. For additional security, we recommend considering the use of a separate device to sign in to accounts with important data,” Binance said.
Earlier, a phishing attack on the Aurory Project NFT on the Solana blockchain brought the hacker more than $1 million.
Subscribe to ForkLog news on Telegram: ForkLog Feed — the full stream of news, ForkLog — the most important news, infographics and opinions.