A Chinese Binance user reported a significant loss of $1M in crypto due to a hacker exploiting a vulnerability via a rogue Chrome plugin called Aggr.
A Chinese user of the cryptocurrency exchange Binance reportedly lost an astounding one million dollars’ worth of cryptocurrency holdings in his Binance account.
This is a fresh development in the realm of cryptocurrency theft. In a statement, the Chinese user Nakamao claimed that an undercover agent working inside the cryptocurrency community had stolen all of the money from his account.
Binance User Loses Funds to Counter Trading
The Binance user noted in his statement that his Binance account had undergone all necessary security procedures. Furthermore, the user stated that the hacker was able to deplete all of the cash through “counter-trading,” despite not having access to Nakamao’s account password or two-factor authentication (2FA).
On the 24th of May, the Binance user found that his account had been subject to suspicious trading activity. The cryptocurrency hacker controlled his account by holding his site cookies hostage, engaging in massive trades in the USDT trading pair that had a high level of liquidity, and placing limit sell orders at inflated prices in pairs that had a low level of liquidity.
By employing this strategy, the hacker managed to amass a significant profit without triggering any security alerts from Binance.
Even though the hacker made quick steps to contact Binance customer support, they continued to operate Nakamao’s account, and in the end, they were able to take all of the cash without any problems.
Binance’s delayed response and lack of adequate risk control mechanisms, which allowed the hacker’s evident arbitrage trades to go unchecked, were the points of contention for Nakamao, who expressed his anger with Binance.
Further examination revealed that a rogue Chrome plugin known as Aggr enabled the security vulnerability. This plugin, which Nakamao had downloaded on the advice of a KOL stationed overseas, allowed the hacker to collect and exploit his cookies to hijack active user sessions.
Using this strategy, the hacker was able to take control of the account without having to use a password or two-factor authentication.
Furthermore, this is one of the first cases in which a hacker was able to take the funds only through the use of a Chrome extension. The uncovered information indicates that on March 1 of this year, a hacker used the same plugin to steal funds from an overseas community member’s Binance account.
Nakamao consequently raised awareness about the potential risks associated with the use of Chrome Web plugins. Nakamao stated that Binance was aware of the malicious plugin and the hacker’s activity several weeks before Nakamao experienced them.
Binance, on the other hand, did not take any immediate measures, such as warning users or suspending plugin advertising.
According to Nakamao, Binance did not employ effective risk control procedures to detect and prevent the theft, despite the fact that the hacker had engaged in clear arbitrage transactions.
He asserts that Binance’s failure to promptly notify other platforms to freeze the hacker’s funds resulted in missed opportunities to recover the stolen assets. As a result, Nakamao has pushed for the inclusion of additional safety precautions regarding the exchange.