Chinese Trader Loses $1 Million in Bitcoin Due to Malicious Chrome Extension Exploit

• A Chinese crypto trader has recounted his ordeal after losing a substantial amount of his savings due to a Chrome plugin exploit.
• He has criticized Binance for what he perceives as a slow response that allowed his funds to be stolen.
• This incident underscores the importance of cybersecurity measures in the rapidly evolving crypto market.

Discover how a malicious Chrome extension stole $1 million in crypto, and what this means for users relying on large exchanges for security.

Malicious Chrome Extension Swipes $1 Million in Crypto

In late February, a crypto investor named Doomxbt reported a harrowing experience where his Binance account was drained of $70,000. Despite watching his funds disappear in real time, he was unable to stop the theft.

After receiving multiple notifications from Binance about orders being executed, he contacted customer support, but his balance still hit zero. Despite having two-factor authentication (2FA) activated, the breach occurred without any apparent issues. Binance’s security team, led by CEO Richard Teng, began investigating the incident.

In the ensuing months, more users reported similar losses. Notably, a Chinese trader recently lost $1 million due to a similar exploit. The trader shared his experience on X to warn the crypto community about the malware responsible for his loss.

On May 24, CryptoNakamao discovered unauthorized trading on his Binance account. This led him to uncover a malicious Chrome extension that facilitated the theft.

Binance Reacts to Security Concerns

CryptoNakamao expressed his disappointment with Binance, alleging that the exchange allowed the hacking activities to continue during their investigation. He also revealed that the Chrome plugin had been promoted by an influencer, who had been paid to endorse it.

“It appears Binance had known about this plugin for some time and even encouraged further investigation from the influencer promoting it. Despite tracking the hacker’s activities, they failed to take timely action to prevent further thefts, making me a victim,” said Nakamao.

In response, Binance denied prior knowledge of the Aggr plugin and the influencer’s involvement. They stated that they had only learned about the malicious plugin after Nakamiao’s incident and vowed to further investigate the matter.

Unfortunately for Nakamao, Binance stated they could not offer compensation as the theft resulted from his device being compromised by the malicious plugin:

“We sympathize with your situation, but the loss was due to your device being compromised by a malicious plugin. This type of case is unrelated to Binance, and we cannot provide compensation.”

Conclusion

This incident highlights the critical need for enhanced cybersecurity measures in the crypto industry. Users should be vigilant about the tools they use and the potential risks involved, especially when dealing with substantial amounts of money. While Binance’s response has been deemed insufficient by some victims, it underscores the challenges exchanges face in safeguarding user funds against sophisticated exploits.