SNEAK PEEK
- Binance refutes blame for $1M hack, attributing it to compromised personal devices, not exchange security.
- Browser extension “Aggr” implicated in unauthorized access, leading to user’s loss.
- Exchange urges caution against downloading browser extensions to mitigate security risks.
Binance, a prominent cryptocurrency exchange, has responded to allegations of negligence following a reported $1 million hack on a user’s account.
The exchange refutes claims of responsibility, asserting that the incident stemmed from a compromise on the user’s devices rather than a flaw within the exchange’s security measures. Yi He, co-founder of Binance, emphasized the importance of personal safety measures and user vigilance in thwarting potential hacking attempts.
Debunking Assertions
In response to claims that the vulnerability was previously identified, Binance clarified that internal records did not indicate prior knowledge of the specific plugin, “AGGR,” allegedly involved in the incident.
A spokesperson for the exchange stated that additional security measures had been implemented in response to flagged concerns related to the situation. The exchange stressed its commitment to user protection and fund security, affirming ongoing efforts to bolster security measures.
User’s Account Compromised
The user, Nakamao, reported a loss of $1 million due to a compromise facilitated by a malicious browser extension named “Aggr.” Investigation revealed that the extension, which has since been removed, intercepted the user’s cookies, particularly targeting links to Binance’s website. This allowed unauthorized access to the user’s account, bypassing password and two-factor authentication (2FA) measures.
Advice Against Browser Extensions
Binance advises against downloading browser extensions due to potential security risks. Malevolent actors may exploit such extensions to access user accounts and assets. The exchange urges users to exercise caution and refrain from engaging with suspicious browser extensions to mitigate the risk of similar incidents in the future.
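A defensive check for the risk described above, as an added example that is not from Binance or the original article: it reads Chrome-style extension manifests and reports which ones hold cookie-capable permissions on a given host. The extension names and manifests are constructed samples, and `www.binance.com` as the audited host is an assumption.

```python
import json

# Extension APIs that can read cookies or request headers for granted hosts.
COOKIE_APIS = {"cookies", "webRequest"}

def pattern_covers(pattern: str, host: str) -> bool:
    """True if the host part of a Chrome match pattern covers `host`."""
    if pattern == "<all_urls>":
        return True
    if "://" not in pattern:
        return False  # an API name such as "storage", not a host pattern
    pat_host = pattern.split("://", 1)[1].split("/", 1)[0]
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):
        base = pat_host[2:]
        return host == base or host.endswith("." + base)
    return host == pat_host

def audit_manifest(manifest: dict, host: str) -> list[str]:
    """Return the cookie-capable APIs an extension may use against `host`."""
    perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    # Manifest V3 lists hosts in host_permissions; V2 mixes them into permissions.
    hosts = manifest.get("host_permissions", []) + perms
    if not any(pattern_covers(p, host) for p in hosts):
        return []
    return sorted(COOKIE_APIS.intersection(perms))

# Constructed sample manifests (hypothetical extensions, not real products).
SAMPLES = {
    "price-chart-helper": {"manifest_version": 3,
                           "permissions": ["cookies", "storage"],
                           "host_permissions": ["https://*.binance.com/*"]},
    "legacy-toolbar": {"manifest_version": 2,
                       "permissions": ["webRequest", "<all_urls>"]},
    "dark-theme": {"manifest_version": 3, "permissions": ["storage"],
                   "host_permissions": ["https://*.example.org/*"]},
    "notes": {"manifest_version": 3, "permissions": ["cookies"],
              "host_permissions": ["https://notes.example.org/*"]},
}

def audit_all(samples: dict, host: str = "www.binance.com") -> dict:
    """Map each risky extension name to the APIs it holds on `host`."""
    return {n: f for n, m in samples.items() if (f := audit_manifest(m, host))}

if __name__ == "__main__":
    print(json.dumps(audit_all(SAMPLES), indent=2))
```

To audit a real browser profile, load each installed extension's `manifest.json` with `json.load` and pass it to `audit_manifest`; permissions requested only as optional are not covered by this check.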