Breaking Crypto News – Inside the Attack on Binance Accounts Due to Chrome Plugin Aggr
Breaking Crypto News – Aggr, a promotional Google Chrome plugin, was used in a hack that cost a Chinese trader $1 million. By stealing cookies from users, the promotional plugin allows hackers to access the victim’s Binance account without requiring a password or two-factor authentication (2FA).
According to the trader, who goes by the X moniker CryptoNakamao, they opened the Binance app to check the price of Bitcoin and only recognized that their Binance account was trading arbitrarily on May 24. The hacker had already taken all of the money when he went to Binance for help.
Victimized Investor Blames Binance
According to the trader, the hackers used a Chrome extension named Aggr to obtain access to his web browser’s cookie data. After installing the plugin in order to access notable trader data, the trader discovered that malicious software had been developed to steal cookies and browser history from users. The hacker then carried out many leveraged trades to drive up the price of low liquidity pairings and benefit from them by using the cookies he had obtained to take over active user sessions without a password or authentication.
According to the trader, the hacker leveraged cookies and active login sessions to profit from cross-trading, despite being unable to take funds directly because of 2FA. The trader stated that in trading pairs with restricted liquidity, such as Bitcoin and USD Coin, the hacker put limits on sell orders that were higher than the market price. Notwithstanding the abnormally high trading volume, the trader alleges that Binance failed to put in place the necessary security safeguards. Additionally, they noted that the exchange did nothing to halt it despite receiving timely objections.
Binance did nothing even though it knew of the theft and frequent cross-trading. Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account in the platform on time.
CryptoNakamao
FAQ
Can Chrome Extensions be Malicious?
Certain browser extensions are created from the ground up using malware. The malicious malware starts to damage the device as soon as the user downloads and installs the extension.
Why is 2FA Important?
Because it instantly eliminates the risks associated with password compromise, two-factor authentication (2FA) is crucial to web security.
How Does Cross Trading Work?
When a broker purchases and sells the same stock for the same price in order to balance securities, this is known as a cross transaction. The trade is not recorded on the exchange. This indicates that the broker trades with two different clients at that price at the same time
For more up-to-date crypto news, you can follow Crypto Data Space.
![Stage The Ultimate Platform for Music, Technology, and Fan Engagement [RAW]](https://cryptodataspace.com/wp-content/uploads/2024/06/Stage-The-Ultimate-Platform-for-Music-Technology-and-Fan-Engagement-RAW-150x150.jpg "Stage: The Ultimate Platform for Music, Technology, and Fan Engagement [RAW] | Crypto Data Space")
Leave a comment