A devastating hack has left a cryptocurrency trader, known by the username ‘CryptoNakamao’ on X, completely bereft of his life savings.
On May 24, unauthorized trades wiped out nearly $1 million from his Binance account through a scheme involving a malicious Chrome plugin named ‘Aggr.’ This incident raises significant security concerns about browser extensions among crypto traders.
Chrome extension exploits Binance security loopholes
CryptoNakamao said he installed the ‘Aggr’ plugin to enhance his trading capabilities. However, this tool turned out to be a trojan horse, giving hackers access to his web browser cookies and allowing them to manipulate his account without needing his password or 2FA codes. Through a method called ‘counter-trading,’ the hackers executed trades that spiked the prices of low liquidity crypto pairs, such as QTUM/BTC, DASH/BTC, PYR/BTC, ENA/USDC, and NEO/USDC, each seeing between 20% to 31% increases within a very short period.
The trader was unaware of these activities until he logged in to check Bitcoin prices, only to discover the significant changes and his depleted funds. He later learned that the plugin was specifically designed to steal web browsing data, enabling the hackers to take control of his trading session undetected.
Inadequate response from Binance to security breach
Due to the abnormal trading patterns, Binance’s response to the incident could have been faster for Nakamao. The exchange took over a day to communicate with other platforms like Kucoin and Gate to freeze the illicitly transferred funds. CryptoNakamao discovered during his follow-up that Binance was previously aware of the rogue plugin but needed to take adequate measures to alert its users or block its use.
The trader expressed his disappointment with Binance, noting that their annual reports frequently emphasize security, a claim that now rings hollow to him following this incident. He argues that proactive communication about the plugin’s risks could have prevented this situation.
Professionalism amidst the turmoil
Despite his ordeal, CryptoNakamao appreciates certain aspects of how some individuals at Binance handled the situation. He commended He Yi for his professional conduct and thanked another staff member for understanding during the distressing time. Nonetheless, the overall situation has left him and possibly many others skeptical of the security claims made by centralized exchanges.
The ramifications of this hack extend beyond just financial loss. It is a stark reminder to the crypto community of the vulnerabilities associated with using third-party browser plugins, especially when dealing with platforms that handle significant financial transactions. Nakamao’s story is a cautionary tale for all digital asset traders to rigorously assess the security of the tools they use in their trading activities.