Wanna make money? Sometimes it’s worth trying bookies not on GamStop rather than trading cryptocurrencies. Here is an example. A Chinese client of Binance, the world's largest cryptocurrency exchange, suffered huge financial losses due to an account hack. The fraud is linked to a Google plugin called Aggr, which is promoted by some influencers.
After downloading this plugin on 24 May, a Chinese user lost $1 million worth of cryptocurrency. The victim noticed suspicious activity on their account only after an hour and a half and then hurried to contact Binance support. The dissatisfied customer complained that Binance's response to the request was not quick enough, and it took the exchange more than a day to notify other trading platforms about freezing the stolen funds. As a result, the hacker managed to withdraw all the assets.
Hackers used the captured cookies for two-factor authentication (2FA), gaining unauthorized access to the Binance account, clarified crypto journalist Colin Wu. He wrote on Twitter,
“Your Binance account may have been compromised due to downloading the KOL-promoted Google plugin Aggr. A Chinese user used this plugin, which resulted in $1 million being stolen through cross-trading on May 24th. Another Binance user had his funds stolen on March 1. Hackers use hijacked cookies to bypass password/2FA verification and log into the victim's Binance account.”
A trader has accused Binance of failing to implement necessary security measures despite unusual trading activity on his account. He claimed the exchange did not act promptly even after he reported the issue. According to the trader, Binance was aware of the fraudulent plugin, was conducting an internal investigation, but did not inform users or take preventive measures.
Co-founder of the world's largest cryptocurrency exchange Binance, Yi He, commented on the serious security breach. She explained that the loss of crypto assets occurred due to a compromised personal device of the user, not due to a breach in Binance's security systems. She emphasized that a recent theft happened because a hacker got into the client's account through a malicious plugin.
Binance's support team was super quick and froze a compromised user account within one minute and 19 seconds of getting the request. Despite Binance's swift actions, the hacker had already managed to execute some leveraged trades, Yi He regretted. Yi He also urged clients to take measures to ensure their own security, especially when logging in and using plugins. She stressed that Binance cannot be held responsible for incidents arising from user negligence.
Several months ago, analysts from SlowMist warned that vulnerabilities in WordPress plugins could lead to attacks on cryptocurrency wallets and theft of crypto assets.
Binance had security breaches over the years. For example, in October 2022, they got hacked, and around $100 million worth of Binance Coin (BNB) was stolen. The hackers exploited a cross-chain bridge to mint extra BNB and moved them off the blockchain. Luckily, Binance quickly contained the situation and assured everyone their funds were safe.
Also, back in May 2019, hackers managed to steal over $40 million worth of Bitcoin from Binance. They used phishing, viruses, and other methods to gain access to user accounts and withdraw funds (Markets Insider).
Despite these incidents, Binance has been pretty proactive about improving security. They’ve got features like two-factor authentication (2FA), withdrawal whitelisting, and regular security audits to protect user assets.
Even though Binance is one of the more secure exchanges, these hacks show how important it is to be proactive and take steps to protect your account.
Binance is considered one of the more secure cryptocurrency exchanges, but like any platform, it is not completely immune to risks.
Basic Security Measures:
By following these tips, you can really boost the security of your Binance account and keep your assets safe from any threats.
Enable Two-Factor Authentication (2FA):
-
You should use Google Authenticator or SMS authentication to add an extra layer of security.
Use a Strong Password:
-
Create a complex password with a mix of uppercase and lowercase letters, numbers, and special characters.
Regularly Update Password:
-
Change your password periodically. Do not reuse passwords from other sites.
Advanced Security Measures:
Whitelist Withdrawal Addresses:
-
Enable the withdrawal whitelist feature so that funds can only be withdrawn to pre-approved addresses.
Anti-Phishing Code:
-
Set up an anti-phishing code to distinguish legitimate Binance emails from phishing ones.
Device Management:
-
Regularly check the list of devices that have accessed your account and remove any that are not recognised.
Enable Security Alerts:
-
Activate email or SMS notifications for account activity ( logins and withdrawals).
System and Network Security:
Email Account:
-
Ensure your email account, linked to Binance, is secure. Use 2FA and a strong password for your email account as well.
Phishing Attempts:
-
Always access Binance through the official website or app.Be cautious of phishing websites and links.
Update Software and Devices:
-
Keep your operating system, browser, and any antivirus software up to date. That’ll help protect your device against malware and security vulnerabilities.
Use Secure Networks:
-
Do not access your Binance account over public Wi-Fi networks. Use a VPN if necessary.
Stay informed:
-
Keep up to date with security announcements from Binance and follow their recommendations.
-
Regularly check and update your security settings.
Other Safe Crypto Exchanges
If you're looking at other secure crypto exchanges besides Binance, here are a few options that are considered secure:
Kraken
It has strong security measures and has never been hacked since its launch in 2011. They offer two-factor authentication (2FA), regular security audits, and they maintain a high level of transparency through proof of reserves.
Coinbase
One of the most popular exchanges, especially for beginners, Coinbase is regulated in the U.S. and listed on the New York Stock Exchange. It offers a wide selection of cryptocurrencies and robust security features.
SwissBorg
It's got a really user-friendly interface and strong security protocols. They make it super easy for new users to get started and even offer a straightforward staking program. It's a solid choice if you're new to crypto trading
Bitget
It's known for its military-grade security and competitive fees. They even acquired Bitkeep, a crypto wallet, to boost security further. It's not available in some U.S. states, but it’s a reliable option with great customer support and a wide range of cryptocurrencies
Disclaimer: This is a sponsored article and is for informational purposes only. It does not reflect the views of Crypto Daily, nor is it intended to be used as legal, tax, investment, or financial advice.