A recent hacking incident has once again shaken the cryptocurrency world and exposed security weaknesses at Binance, the exchange at the center of the incident. A Chinese trader known on social media as CryptoNakamao reported losing $1 million to hackers through a Google Chrome extension called Aggr. The extension, seemingly designed to provide data from traders, was actually malicious software used to steal users’ cookie information.
Hackers Steal Cryptocurrencies
CryptoNakamao noticed unusual activity when he saw random trades on his Binance account. Upon checking Bitcoin prices through the Binance app, he discovered that his funds were being traded without his consent. Although he urgently requested help from Binance, the hackers managed to withdraw all his funds before any intervention.
The hackers bypassed security measures like passwords and two-factor authentication (2FA) by stealing cookie data through the Aggr extension. By accessing active user sessions, they executed a series of leveraged trades to manipulate the market. They maximized profits by buying tokens with high liquidity and selling them in pairs with low liquidity.
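A stolen session cookie works because the server treats it as proof that login and 2FA already happened. The following is an added example, not code from the article or from Binance, showing one server-side countermeasure: bind each session to the client context seen at authentication and require re-authentication before sensitive actions when that context changes. The event names, fields, and policy are assumptions, and the log entries are constructed.

```python
# Constructed sample events (not real exchange logs):
# (session id, client IP, user agent, action)
EVENTS = [
    ("s-1001", "203.0.113.10", "Chrome/124 Windows", "login_2fa_ok"),
    ("s-1001", "203.0.113.10", "Chrome/124 Windows", "view_balance"),
    ("s-1001", "198.51.100.77", "Chrome/124 Linux", "place_order"),    # replayed cookie
    ("s-2002", "192.0.2.5", "Firefox/125 macOS", "login_2fa_ok"),
    ("s-2002", "192.0.2.5", "Firefox/125 macOS", "place_order"),
    ("s-2002", "192.0.2.200", "Firefox/125 macOS", "place_order"),     # user changed network
    ("s-2002", "192.0.2.200", "Firefox/125 macOS", "reauth_2fa_ok"),
    ("s-2002", "192.0.2.200", "Firefox/125 macOS", "place_order"),
    ("s-9999", "198.51.100.77", "Chrome/124 Linux", "place_order"),    # never authenticated
]

# Hypothetical event names: emitted only after the server has verified 2FA.
AUTH_EVENTS = {"login_2fa_ok", "reauth_2fa_ok"}
# Trading is treated as sensitive, not only withdrawals.
SENSITIVE = {"place_order", "withdraw"}


def evaluate(events):
    """Return one decision per event: 'allow', 'step_up', or 'deny'."""
    bound = {}  # session id -> (ip, user agent) recorded at last authentication
    decisions = []
    for sid, ip, ua, action in events:
        ctx = (ip, ua)
        if action in AUTH_EVENTS:
            bound[sid] = ctx            # (re)bind the session to this client
            decisions.append("allow")
        elif sid not in bound:
            decisions.append("deny")    # cookie for a session we never authenticated
        elif bound[sid] != ctx and action in SENSITIVE:
            decisions.append("step_up") # context changed: demand 2FA again
        else:
            decisions.append("allow")
    return decisions


if __name__ == "__main__":
    for event, decision in zip(EVENTS, evaluate(EVENTS)):
        print(f"{decision:8} {event}")
```

IP address and user agent are coarse signals; the point of the sketch is that order placement, not only withdrawal, triggers re-authentication when a session's context changes.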
Binance Accused of Inadequate Security Measures
Despite the restrictions imposed by 2FA, which should have prevented direct withdrawals, the hackers executed profitable trades through session hijacking methods. They purchased large amounts of Tether (USDT) and placed limit sell orders in Bitcoin (BTC) and USD Coin (USDC) pairs. These trades caused abnormal price increases, and the hackers benefited from these increases through leveraged positions.
The victimized trader accused Binance of not taking adequate security measures to prevent such incidents. He claimed that Binance ignored unusual trading patterns and did not respond to his notifications in a timely manner. He also alleged that Binance was aware of the malicious extension and related risks but did not warn users or take preventive measures.
Disappointment at Its Peak
The trader expressed his disappointment with Binance’s indifference to the obvious risk posed by the Aggr extension.
He stated that Binance’s internal investigation into the extension was insufficient and that it failed to protect its users from ongoing threats. Additionally, he criticized the exchange for not freezing the hacker’s account despite clear signs of fraudulent activity.