{"id":140762,"date":"2024-06-06T11:00:27","date_gmt":"2024-06-06T11:00:27","guid":{"rendered":"https:\/\/fr.cryptonews.com\/?p=140762"},"modified":"2024-06-04T10:28:03","modified_gmt":"2024-06-04T10:28:03","slug":"des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance","status":"publish","type":"post","link":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/","title":{"rendered":"Des traders perdent leur argent sur Binance, que se passe-t-il ?"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-124962\" src=\"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg\" alt=\"\" width=\"1260\" height=\"630\" srcset=\"https:\/\/cryptonews.com\/fr\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg 1260w, https:\/\/cryptonews.com\/fr\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong-300x150.jpg 300w, https:\/\/cryptonews.com\/fr\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong-1024x512.jpg 1024w, https:\/\/cryptonews.com\/fr\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong-768x384.jpg 768w\" sizes=\"auto, (max-width: 1260px) 100vw, 1260px\"><\/p><p>Le plugin de Google Chrome <strong>Aggr<\/strong> a entrain&eacute; d&rsquo;importantes pertes pour plusieurs investisseurs. Ce plugin, qui se fait passer pour un outil de trading permettant d&rsquo;acc&eacute;der &agrave; des donn&eacute;es on chain, aurait donn&eacute; l&rsquo;acc&egrave;s &agrave; des comptes Binance aux hackers, en exploitant les cookies du navigateur infect&eacute;. Une enqu&ecirc;te d&eacute;voile que Binance &eacute;tait d&eacute;j&agrave; au courant de cette faille.\n<\/p><h2>Une faille de cookies<\/h2><p><span class=\"replacer\"><\/span><\/p><p>\nTout a commenc&eacute; quand un trader chinois, <a href=\"https:\/\/x.com\/CryptoNakamao\">CryptoNakamao<\/a>, a d&eacute;clar&eacute; sur X avoir remarqu&eacute; une <strong>&laquo; activit&eacute; de trading &raquo;<\/strong> &eacute;manant de son compte Binance.<\/p><p>N&rsquo;ayant pas effectu&eacute; de transaction, il se connecte alors sur son application pour voir ce qu&rsquo;il se passe, mais c&rsquo;est d&eacute;j&agrave; trop tard : <strong>le hacker a d&eacute;j&agrave; siphonn&eacute; plus d&rsquo;un million de dollars d&rsquo;actifs<\/strong>.<\/p><p>https:\/\/twitter.com\/CryptoNakamao\/status\/1797519128632381847<\/p><p>Il semblerait que le plugin Aggr <strong>volait simplement les cookies du navigateur<\/strong>, stockant les donn&eacute;es des utilisateurs, que les hackers pouvaient alors utiliser pour <strong>contourner la page de connexion et m&ecirc;me le facteur &agrave; deux authentifications<\/strong> de Binance.<\/p><p>Les pirates ont utilis&eacute; les cookies vol&eacute;s pour <strong>manipuler le march&eacute; par le biais de transactions &agrave; effet de levier<\/strong> sur des paires de cryptos &agrave; faible liquidit&eacute;.<\/p><p>Cette m&eacute;thode leur a permis de <strong>gonfler artificiellement les prix<\/strong> et d&rsquo;ex&eacute;cuter des transactions rentables aux d&eacute;pens des comptes compromis.<\/p><p>Les coupables se sont livr&eacute;s <strong>&agrave; des op&eacute;rations crois&eacute;es<\/strong> &mdash; o&ugrave; les ordres d&rsquo;achat et de vente d&rsquo;un m&ecirc;me actif sont compens&eacute;s sans &ecirc;tre enregistr&eacute;s sur la bourse &mdash; en achetant divers jetons contre du Tether et en pla&ccedil;ant des ordres de vente limit&eacute;s &agrave; des prix sup&eacute;rieurs au taux du march&eacute; dans d&rsquo;autres paires d&rsquo;&eacute;change moins liquides.\n<\/p><h2>Binance trop lent<\/h2><p><span class=\"replacer\"><\/span><\/p><p>\nMalgr&eacute; la rapidit&eacute; avec laquelle Nakamo a signal&eacute; le probl&egrave;me, il semble que Binance <strong>n&rsquo;ait pas eu le temps de mettre fin aux transactions<\/strong>. La plateforme <a href=\"https:\/\/cryptonews.com\/fr\/news\/binance-gele-4-2-millions-dollars-xrp-provenant-hack-cofondateur-ripple\/\">n&rsquo;a pas directement gel&eacute; les actifs de Nakamao<\/a>, ce qui a permis aux hackers de continuer la manipulation <strong>pendant plus d&rsquo;une heure<\/strong>.<\/p><p><strong>Nakamao a donc perdu toutes ses &eacute;conomies<\/strong> &agrave; cause de cette faille de s&eacute;curit&eacute;.<\/p><p>Le pire dans cette histoire est <span lang=\"FR\">s&ucirc;rement<\/span> que <strong>Binance &eacute;tait d&eacute;j&agrave; au courant de la nature malveillante du plugin Aggr<\/strong> et menait une enqu&ecirc;te en interne. Nakamao estime donc que <a href=\"https:\/\/cryptonews.com\/fr\/news\/binance-recrute-une-equipe-anti-fraude-et-sen-debarrasse-quand-elle-trouve-des-preuves-de-fraudes\/\">Binance a manqu&eacute; d&rsquo;avertir ses utilisateurs des risques<\/a> et n&rsquo;a pas mis de mesures pr&eacute;ventives en place pour bloquer les activit&eacute;s du plug-in. Nakamao a d&eacute;clar&eacute; sur X :\n<\/p><blockquote><p>&laquo; Binance n&rsquo;a rien fait alors qu&rsquo;elle &eacute;tait au courant du vol et des transactions fr&eacute;quentes. Les pirates ont manipul&eacute; les comptes pendant plus d&rsquo;une heure, provoquant des transactions extr&ecirc;mement anormales dans plusieurs paires de devises sans aucun contr&ocirc;le des risques ; Binance n&rsquo;a pas r&eacute;ussi &agrave; geler &agrave; temps les fonds du compte unique du pirate manifestement pr&eacute;sent sur la plateforme. &raquo;<\/p><\/blockquote><p>\nIl n&rsquo;y a pas encore de chiffre officiel sur le nombre de personnes atteintes par cet exploit, mais le fait que Binance enqu&ecirc;tait<em> d&eacute;j&agrave;<\/em> sur la faille<strong> sugg&egrave;re que Nakamao n&rsquo;est pas le seul dans cette situation<\/strong>.<\/p><p>&Agrave; la r&eacute;daction de cet article, Binance a refus&eacute; tout commentaire.<\/p><hr><p>Source : <a href=\"https:\/\/x.com\/CryptoNakamao\/status\/1797519128632381847\">CryptoNakamao<\/a> (X)<\/p><hr><p>Sur le m&ecirc;me sujet :\n<\/p><ul>\n<li><a href=\"https:\/\/cryptonews.com\/fr\/news\/comment-micheal-a-retrouve-436-btc-et-gagne-une-fortune-une-histoire-de-hacker-et-de-chance\/\">Il a retrouv&eacute; ses 43,6 BTC gr&acirc;ce &agrave; un hacker<\/a><\/li>\n<li><a href=\"https:\/\/cryptonews.com\/fr\/news\/binance-gele-4-2-millions-dollars-xrp-provenant-hack-cofondateur-ripple\/\">Binance g&egrave;le 4.2 millions de dollars d&rsquo;XRP provenant du hack du cofondateur de Ripple<\/a><\/li>\n<li><a href=\"https:\/\/cryptonews.com\/fr\/news\/binance-recrute-une-equipe-anti-fraude-et-sen-debarrasse-quand-elle-trouve-des-preuves-de-fraudes\/\">Binance recrute une &eacute;quipe anti-fraude et s&rsquo;en d&eacute;barrasse quand elle trouve des preuves de fraudes<\/a><\/li>\n<\/ul><hr>","protected":false},"excerpt":{"rendered":"<p>Le plugin de Google Chrome Aggr a entrain&eacute; d&rsquo;importantes pertes pour plusieurs investisseurs. Ce plugin, qui se fait passer pour un outil de trading permettant d&rsquo;acc&eacute;der &agrave; des donn&eacute;es on chain, aurait donn&eacute; l&rsquo;acc&egrave;s &agrave; des comptes Binance aux hackers, en exploitant les cookies du navigateur infect&eacute;. Une enqu&ecirc;te d&eacute;voile que Binance &eacute;tait d&eacute;j&agrave; au [&hellip;]<\/p>\n","protected":false},"author":271,"featured_media":124962,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[10],"tags":[],"editors":[2550],"sponsored_companies":[],"class_list":["post-140762","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-defi-news","editors-jurgen-hoffman"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance<\/title>\n<meta name=\"description\" content=\"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance\" \/>\n<meta property=\"og:description\" content=\"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/\" \/>\n<meta property=\"og:site_name\" content=\"Cryptonews France\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-06T11:00:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1260\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance\" \/>\n<meta name=\"twitter:description\" content=\"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@BT_NewsIR\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance","description":"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/","og_locale":"fr_FR","og_type":"article","og_title":"Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance","og_description":"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.","og_url":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/","og_site_name":"Cryptonews France","article_published_time":"2024-06-06T11:00:27+00:00","og_image":[{"width":1260,"height":630,"url":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_title":"Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance","twitter_description":"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.","twitter_image":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg","twitter_creator":"@BT_NewsIR","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#article","isPartOf":{"@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/"},"author":{"name":"Matthieu Dumas","@id":"https:\/\/cryptonews.com\/fr\/#\/schema\/person\/76b9c17fef745e83d7b0852a29c52698"},"headline":"Des traders perdent leur argent sur Binance, que se passe-t-il ?","datePublished":"2024-06-06T11:00:27+00:00","mainEntityOfPage":{"@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/"},"wordCount":726,"publisher":{"@id":"https:\/\/cryptonews.com\/fr\/#organization"},"image":{"@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg","articleSection":["Actualit\u00e9s DeFi"],"inLanguage":"fr-FR","copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/cryptonews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/","url":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/","name":"Des hackers exploitent un plugin Chrome pour voler des millions sur des comptes Binance","isPartOf":{"@id":"https:\/\/cryptonews.com\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#primaryimage"},"image":{"@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#primaryimage"},"thumbnailUrl":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg","datePublished":"2024-06-06T11:00:27+00:00","description":"Ce plugin aurait donn\u00e9 l\u2019acc\u00e8s \u00e0 des comptes Binance aux hackers, en exploitant les cookies du navigateur infect\u00e9.","breadcrumb":{"@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/"]}],"author":[]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#primaryimage","url":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg","contentUrl":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/11\/1700554845-binance-plateforme-trading-hong-kong.jpg","width":1260,"height":630,"caption":"application binance"},{"@type":"BreadcrumbList","@id":"https:\/\/cryptonews.com\/fr\/news\/des-hackers-exploitent-un-plugin-chrome-pour-voler-des-millions-sur-des-comptes-binance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cryptonews.com\/fr\/"},{"@type":"ListItem","position":2,"name":"Des traders perdent leur argent sur Binance, que se passe-t-il ?"}]},{"@type":"WebSite","@id":"https:\/\/cryptonews.com\/fr\/#website","url":"https:\/\/cryptonews.com\/fr\/","name":"Cryptonews","description":"","publisher":{"@id":"https:\/\/cryptonews.com\/fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cryptonews.com\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/cryptonews.com\/fr\/#organization","name":"Cryptonews France","url":"https:\/\/cryptonews.com\/fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/cryptonews.com\/fr\/#\/schema\/logo\/image\/","url":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/09\/4.jpg","contentUrl":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/09\/4.jpg","width":1669,"height":874,"caption":"Cryptonews France"},"image":{"@id":"https:\/\/cryptonews.com\/fr\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts\/140762","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/users\/271"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/comments?post=140762"}],"version-history":[{"count":5,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts\/140762\/revisions"}],"predecessor-version":[{"id":140985,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts\/140762\/revisions\/140985"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/media\/124962"}],"wp:attachment":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/media?parent=140762"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/categories?post=140762"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/tags?post=140762"},{"taxonomy":"editors","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/editors?post=140762"},{"taxonomy":"sponsored_companies","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/sponsored_companies?post=140762"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}