Trader Loses Millions in Binance Hacking Scam via Chrome Plugin Access

Aggr Binance Google Chrome
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Journalist
Journalist
Hassan Shittu
Author Categories
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

A Chinese trader recently fell victim to a sophisticated hacking scam, losing $1 million due to a compromised Google Chrome plugin, which gained access to the trader’s Binance account.The plugin stole cookies, allowing hackers to bypass security measures and access the trader’s Binance account, resulting in a significant financial loss.

Google Chrome Plugin-facilitated Attack on the Trader’s Binance Account

Today, it was reported that a Chinese trader lost $1 million in a hacking scam involving a Google Chrome plugin called Aggr. This plugin stole user cookies, which hackers then used to bypass password and two-factor authentication (2FA) protections to gain access to the victim’s Binance account. The trader, who uses the username CryptoNakamao on X, shared the details of the incident on the platform.

https://twitter.com/CryptoNakamao/status/1797519128632381847

On May 24, CryptoNakamao noticed random trades on their Binance account and realized the severity of the situation only after checking the Bitcoin price on the Binance app.

Unfortunately, by the time they sought help from Binance, the hacker had already withdrawn all the funds.

“I contacted customer service immediately, but during this process, the hacker was still operating my account. Logically, the hacker’s funds must still be on the platform, but the response I got from Binance was that the hacker withdrew all his funds from Binance safely.”

The hackers reportedly exploited cookie data stolen via the Aggr plugin, which the trader had installed to access data from prominent traders. The plugin was malicious software designed to steal web browsing data and cookies. With this data, hackers hijacked active user sessions without a password or authentication.They conducted multiple leveraged trades to manipulate the prices of low liquidity pairs and profit from these actions.Despite 2FA protections, the hackers used stolen cookies and active login sessions to cross-trade, buying several tokens in the highly liquid Tether trading pair. They placed limit sell orders exceeding market prices in Bitcoin, USD Coin, and other low-liquidity trading pairs. By opening leveraged positions and buying large amounts, they completed cross-trading without recording the transactions on the exchange.CryptoNakamao criticized Binance for not implementing necessary security measures despite the unusually high trading activity and for failing to act even after timely complaints.During their investigation, CryptoNakamao discovered that Binance was already aware of the fraudulent plugin and was conducting an internal investigation.However, despite knowing the hacker’s address and the nature of the scam, Binance allegedly did not inform traders or take action to prevent the fraud.“Binance did nothing even though it knew of the theft and frequent cross-trading,” CryptoNakamao wrote.

“Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account on the platform on time.”

Crypto Heist Increasing Gradually

Japanese Bitcoin exchange DMM recently experienced a significant security breach on Friday, resulting in the loss of 4,502.9 bitcoins valued at 48.2 billion yen (USD 305 million). DMM confirmed the hack publicly, describing it as an “unauthorized leak of Bitcoin from our wallet.” Despite the severity of the hack, DMM assured its customers that their Bitcoin deposits would be fully guaranteed. With support from partner companies, DMM plans to procure the equivalent amount of lost BTC. This incident marks one of the largest exchange hacks by fiat value, with historical comparisons to the Mt. Gox hack of 2014 and the CoinCheck hack of 2018.A recent investigation by blockchain sleuth ZachXBT also revealed that the creators of the Solana-based memecoin CAT hacked the Twitter account of crypto influencer Gigantic-Cassocked-Rebirth (GCR) to manipulate cryptocurrency prices.On May 26, the hackers used GCR’s account to promote ORDI and Luna 2.0 tokens, causing price spikes. ZachXBT found that the CAT team, which controlled over 63% of the token supply, sold $5 million worth of CAT and funneled some profits into trading on Hyperliquid. The attackers also opened significant positions on ORDI and Ether.fi (ETHFI), profiting $34,000 from ORDI but losing $3,500 on ETHFI.

More Articles

Industry Talk
Berachain’s BERA Airdrop Surges 71% – Can it Overtake Solana?
Simon Chandler
Simon Chandler
2025-02-07 14:05:52
Bitcoin News
Canadian Who Hid 450 BTC from U.S. Feds Sentenced to 41 Months in Prison
Hassan Shittu
Hassan Shittu
2025-02-07 13:37:28
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors