
Binance User Loses $1 Million Due to Chrome Plugin
A hacker gained control over a Chinese trader’s Binance account without needing a password or 2FA confirmation. Following a series of transactions, the perpetrator withdrew assets worth $1 million.
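I became a victim of a crypto-circle mole, and the $1 million in my Binance account went up in smoke
Even now I'm still completely stunned; this was almost all of my savings from the past few years.… pic.twitter.com/sSNUTXFZsc
— Nakamao (@CryptoNakamao) June 3, 2024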
The incident occurred on May 24. During the process, the investor claims he received no notifications from the security service.
Experts determined that the hacker hijacked the user’s session by using cookies obtained through a malicious Chrome browser plugin called AggrTrade. The open-source software of that name provides aggregator services. The trader noted that many opinion leaders and some thematic Telegram channels actively promote the plugin.
The original AggrTrade platform team warned on May 29 about a fraudulent extension using its brand. According to them, the scam has targeted exchanges like Bitget, Kraken, Binance, and others since 2022. An active promotional campaign involving influencers began in March 2024.
Security Breach Alert: We’ve discovered a fraudulent Chrome extension using our brand AggrTrade. This scam has targeted exchanges like Bitget, Kraken, Binance, and others since 2022. In March 2024, a promo campaign on X & Telegram used crypto influencers to endorse it.
— AggrTradeApp (@AggrTradeApp) May 29, 2024
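A defensive check for the kind of extension described above, added here as an example and not taken from the article or the AggrTrade project: it flags installed extensions whose manifest grants cookie or page access to exchange sites. The domain list, risk labels and sample manifests are constructed for illustration, and the article does not state how the fraudulent extension obtained the cookies.

```python
import json
from pathlib import Path

# Exchanges named in the article; adjust to the sites you care about.
WATCHED = ("binance.com", "kraken.com", "bitget.com")
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def covers(pattern, domain):
    """True if a Chrome match pattern can apply to `domain` or its subdomains."""
    if pattern in BROAD:
        return True
    host = pattern.split("://", 1)[-1].split("/", 1)[0]
    host = host[2:] if host.startswith("*.") else host
    return host == domain or host.endswith("." + domain) or domain.endswith("." + host)

def audit(manifest):
    """Return {domain: risk} for one parsed manifest.json (MV2 or MV3)."""
    perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    hosts = [p for p in perms if "://" in p or p == "<all_urls>"]  # MV2 location
    hosts += manifest.get("host_permissions", [])                  # MV3 location
    scripts = [m for cs in manifest.get("content_scripts", [])
               for m in cs.get("matches", [])]
    findings = {}
    for d in WATCHED:
        if "cookies" in perms and any(covers(h, d) for h in hosts):
            # chrome.cookies can then return the site's cookies, HttpOnly included
            findings[d] = "cookie-api"
        elif any(covers(m, d) for m in hosts + scripts):
            findings[d] = "page-access"  # host access or content script on the site
    return findings

def scan(extensions_dir):
    """Audit every <id>/<version>/manifest.json under a profile's Extensions dir."""
    out = {}
    for path in Path(extensions_dir).glob("*/*/manifest.json"):
        found = audit(json.loads(path.read_text(encoding="utf-8")))
        if found:
            out[path.parent.parent.name] = found
    return out

# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = {"manifest_version": 3, "name": "chart helper",
                "permissions": ["cookies", "storage"], "host_permissions": ["<all_urls>"]}
SAMPLE_SCOPED = {"manifest_version": 2, "name": "notes",
                 "permissions": ["storage", "https://example.org/*"]}
SAMPLE_SCRIPT = {"manifest_version": 3, "name": "price overlay",
                 "content_scripts": [{"matches": ["https://*.binance.com/*"], "js": ["o.js"]}]}

if __name__ == "__main__":
    for m in (SAMPLE_BROAD, SAMPLE_SCOPED, SAMPLE_SCRIPT):
        print(m["name"], audit(m))
```

Pass `scan()` the `Extensions` directory of the browser profile being reviewed; a `cookie-api` finding means the extension can read the session cookie that keeps the user logged in to that exchange.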
Following the incident, the investor raised several complaints about the exchange’s support service. Binance specialists responded very slowly to his inquiries, the user claims. He contacted the team while the hacker was still active in the account to prevent the withdrawal of funds, but it happened nonetheless.
It took Binance staff more than a day to contact exchanges KuCoin and Gate.io to request a freeze on the stolen assets, which proved futile.
The user noted that in early March, there were rumors that at least one Binance account had been intercepted using a fraudulent plugin. Allegedly, the incident prompted a reaction from the exchange’s CEO Richard Teng, who announced an investigation. Therefore, the investor believes the platform’s team was aware of the issue but did nothing to resolve it for a long time.
“The reason I invested a large sum in stablecoins on Binance is trust. However, when I faced risks, a series of actions by the platform left strange feelings,” he wrote.
OKX User Loses $2 Million via AI Scam
According to journalist Colin Wu, a trader on OKX from Japan lost assets worth over $2 million.
An OKX user disclosed today that hackers purchased his personal information and used AI to create fake videos. Hackers used these to change the victim’s OKX passwords and even 2FA. More than $2 million US were stolen. Be wary of Deepfakes and personal data leaks.…
— Wu Blockchain (@WuBlockchain) June 3, 2024
The perpetrators acquired his leaked personal data on Telegram. They then accessed the exchange via the investor’s email, claiming a forgotten password.
Hackers also used AI-generated video to change the linked mobile phone number, thus enabling them to confirm their actions through Google Authenticator.
Within a day, the trader’s funds were withdrawn from his account on the exchange.
Back in December, the OKX team addressed a critical vulnerability affecting the wallet app on iOS.