The hacker gained control of the Chinese trader's account on Binance without having a password, as well as without 2FA confirmation. After a number of transactions, the attacker withdrew assets worth $ 1 million.
我成了币圈卧底的牺牲品,币安账户里100万美元灰飞烟灭
直到现在我整个人还是懵的,这几乎是我这几年全部的积蓄。… pic.twitter.com/sSNUTXFZsc
The incident occurred on May 24. In the process, the investor did not receive any notifications from the security service, according to him.
The experts involved determined that the hacker intercepted the user's session through a malicious Chrome browser plugin called Aggtrade using cookies. Open source software provides aggregator services. The decision is actively promoted by many opinion leaders and some thematic Telegram channels, the trader noted.
On May 29, the team of the original Aggtrade platform warned about a fraudulent extension using its brand. According to them, the scam has been targeting Bitget, Kraken, Binance and others exchanges since 2022. The active promotional campaign of the scam involving influencers began in March 2024.
🚨 Security Breach Alert: We've discovered a fraudulent Chrome extension using our brand AggrTrade. This scam has targeted exchanges like Bitget, Kraken, Binance, and others since 2022. In March 2024, a promo campaign on X & Telegram used crypto influencers to endorse it.
— AggrTradeApp (@AggrTradeApp) May 29, 2024As a result of the incident, the investor had a number of complaints about the work of the exchange's support service. Binance specialists reacted extremely slowly to his appeals, the user claims. He contacted the team at the moment when the hacker continued to be active in the account to prevent the withdrawal of funds, but it still happened.
It took Binance employees more than a day to access the KuCoin exchanges and Gate.io with a request to freeze the stolen assets, which has already turned out to be useless.
The user noted that in early March, there were rumors that at least one account on Binance was intercepted using a fraudulent plugin. Allegedly, the incident then caused a reaction from the CEO of the exchange, Richard Teng, who announced the beginning of an investigation. Therefore, the investor believes that the platform team knew about the problem, but did nothing to solve it for a long time.
"The reason why I invested a large amount in the form of stablecoins on Binance is because of trust. However, when I faced the risks, a number of the platform's actions left me with strange feelings," he wrote.
OKX user was robbed of $2 million using AI
According to journalist Colin Wu, a trader on OKX from Japan lost assets worth more than $2 million.
An OKX user disclosed today that hackers purchased his personal information and used AI to create fake videos. Hackers used these to change the victim's OKX passwords and even 2FA. More than $2 million US were stolen. Be wary of Deepfakes and personal data leaks.…
— Wu Blockchain (@WuBlockchain) June 3, 2024The attackers acquired his leaked personal data in Telegram. Then they entered the exchange via the investor's email, stating that they had forgotten their password.
Hackers also used AI-synthesized video to change the linked mobile phone number. Thus, they were able to confirm their actions through Google Authenticator.
During the day, the trader's funds were withdrawn from his account on the stock exchange.
Recall that in December, the OKX team fixed a critical vulnerability affecting the wallet application for iOS.