Binance, a cryptocurrency exchange, swiftly responded to a Chinese user’s distressing ordeal of losing an astonishing $1 million in cryptocurrency assets within their Binance account due to a security breach.
According to Binance’s Co-founder, the incident transpired as a result of the user’s device being compromised, granting the attacker access to exploit a malicious plug-in and pilfer login credentials.
In a recent development, a Binance user based in China fell victim to a staggering $1 million loss in cryptocurrency attributed to a security breach facilitated by a malevolent Chrome plugin. The perpetrator leveraged control over the user’s web cookies, circumventing the necessity for passwords or 2FA, and executed “counter-trading” maneuvers to deplete the account.
In a demonstration of its unwavering commitment to security responsiveness, Binance promptly attended to the user’s request for freezing their account in a mere 1 minute and 19 seconds, notwithstanding the absence of prior notification regarding the AGGR plug-in.
The company conveyed, “The team was not aware of the March case you mentioned in your post and it was related to AGGR. Thank you for sharing the information of the ‘KOL’ outside the platform in your post. We will continue to investigate and share and synchronize with you as soon as possible if there is any new progress.“
Binance elucidated the intricacies entailed in scrutinizing cross-trading activities, attributing the delay in response to the imperative for meticulous examination and validation of suspicious accounts across multiple transactions and counterparties.
Moreover, Binance extended empathy to the user, stating, “We sympathize with your experience, but according to the information we have learned so far, the reason for your asset loss is that your related devices were manipulated because of the installation of malicious plug-ins.“
The platform underscored the challenge confronting its security team, tasked with analyzing over 8,000 transactions involving 1,600 counterparties, necessitating thorough data extraction and analysis. Owing to the complexity, customer service lacks the authority for investigations, resulting in responses being provided on the subsequent day.
Binance is heightening system security, with a focus on fortifying login status storage and detecting anomalous trade patterns. Users are strongly encouraged to utilize the official app or a clean browser and promptly log out after each session to mitigate the risk of account breaches.
