Binance Hack: Users Hit by Google Plugin Scam, Lose Millions

The post Binance Hack: Users Hit by Google Plugin Scam, Lose Millions appeared first on Coinpedia Fintech News

Several Binance users have suffered huge losses from account hacks, shaking the cryptocurrency community. Popular blockchain journalist Colin Wu broke the troubling news.

The scam centers around a Google plugin named Aggr, promoted by various Key Opinion Leaders (KOLs) in the crypto community. A Chinese user lost $1 million on May 24th after using this plugin. 

Another user experienced a similar issue on March 1st. The hackers exploited hijacked cookies to bypass password and two-factor authentication (2FA), getting unauthorized access to victims’ Binance accounts.

One affected user shared their experience on X. Their account was wiped out of $1 million, almost all of their savings. The hacker made a series of trades, causing massive price increases in various trading pairs such as QTUM/BTC, DASH/BTC, PYR/BTC, ENA/USDC, and NEO/USDC. 

The user noticed these unauthorized activities only after checking Binance an hour and a half later. The second he did, though, the user contacted Binance customer service immediately. However, during this process, the hacker continued to operate the account. 

Binance’s response was slow, and the hacker had safely withdrawn all funds when they reached back. The user says Binance’s risk control measures are lacking, as the hacker’s single account and obvious arbitrage transactions go unnoticed.

According to the user, it took Binance over a day to notify other exchanges like Kucoin and Gate to freeze the stolen funds, which was too late. This delay allowed the hacker to move the funds beyond reach, leaving the user with no recourse.

This incident is not isolated. On March 1st, another user’s Binance account was hacked through the same plugin. Binance CEO Richard Teng had previously said that the security team was investigating the root cause, yet the issue continues without a clear resolution.