In June, news broke that a Binance crypto hack through a malicious Chrome plugin “Aggr” allowed cyber crooks to steal nearly $1 million from an individual in China. Learn more about this story here.
Preface
Cryptocurrency is great: for some, it is an investment, for others, it’s a tool to purchase access to software or other appliances. Regardless, for many, cryptocurrency is a means to an end. However, recently, news broke that a malicious Google Chrome plugin titled “Aggr” was responsible for the theft of almost $1 million USD from an individual in China. Here’s what happened.
The Crypto Hack: What Happened?
According to Binance, a cryptocurrency trader going by the alias of “CryptoNakamao” installed the plugin into Google Chrome to enhance his cryptocurrency trading capabilities. The Google Chrome plugin wasn’t exactly a trading plugin, though; rather, it was something akin to a Trojan horse that let attackers take control of the crypto assets. It is said that after installing the Google Chrome plugin, CryptoNakamao accessed Binance (presumably to check the price of his crypto assets) and noticed something was amiss.
After paying close attention, CryptoNakamao noticed some trading activity and suspected a crypto hack. The essence of the crypto hack is said to be as follows:
- Once CryptoNakamao installed the Google Chrome plugin, the plugin hijacked his Binance session cookies to access his account on the platform, bypassing the need for a username/password and 2FA.
- The perpetrators then executed the crypto hack through a method called “counter-trading”: in other words, by exchanging one thing for another. The attackers, in control of an account, sold tokens from that account at a sky-high price, then sold the tokens at market value and took the profit home. It is presumed that the attackers stole around 1 million dollars in cryptocurrency this way.
- After the crypto hack had occurred, CryptoNakamao explained what had happened to certain people in security who helped him uncover the entire scheme.
It appears that the Google Chrome plugin used for the crypto hack was specifically designed to help malicious parties take control of a web browsing session.
What Can We Learn?
So, what can we learn from this crypto hack? One thing is clear: don’t trust any add-on that you see on the web! Another thing would be to check through the tools you use: are you sure that they’re doing the things that they’re supposed to be doing? This crypto hack also signifies that attackers are active every day and that they also make use of cryptocurrency.
Lastly, even if recommendations come from the people you trust, make sure to check on the tools that are recommended for you to use — people can recommend you use a variety of different tooling, but are you sure that this tool won’t harm you in the process?
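One way to act on the advice to check the tools you use, as an added example that is not part of the original article: read an extension's manifest.json and flag the combination that lets it read a site's session cookies. The article does not say how the plugin obtained the cookies; this sketch assumes access through the chrome.cookies API, and the function names and sample manifests are constructed for illustration.

```javascript
// Added example: which extension manifests could read a site's session cookies?
// Assumption: access goes through the chrome.cookies API, which needs the
// "cookies" permission plus a host pattern covering the site.

// Does a Chrome match pattern (e.g. "*://*.binance.com/*") cover `host`?
function patternCoversHost(pattern, host) {
  if (pattern === "<all_urls>") return true;
  const m = /^(\*|https?|wss?|ftp|file):\/\/([^/]*)\//.exec(pattern);
  if (!m) return false;
  const patHost = m[2].split(":")[0]; // drop an optional port
  if (patHost === "*") return true;
  if (patHost.startsWith("*.")) {
    const base = patHost.slice(2);
    return host === base || host.endsWith("." + base);
  }
  return patHost === host;
}

// Audit one parsed manifest.json (Manifest V2 or V3) against a host name.
function auditManifest(manifest, host) {
  const perms = [...(manifest.permissions || []), ...(manifest.optional_permissions || [])]
    .filter((p) => typeof p === "string");
  // MV2 mixes host patterns into "permissions"; MV3 lists them separately.
  const hostPatterns = [
    ...perms.filter((p) => p === "<all_urls>" || p.includes("://")),
    ...(manifest.host_permissions || []),
    ...(manifest.optional_host_permissions || []),
  ];
  const matchingHosts = hostPatterns.filter((p) => patternCoversHost(p, host));
  const hasCookies = perms.includes("cookies");
  return { name: manifest.name || "(unnamed)", hasCookies, matchingHosts,
           canReadSessionCookies: hasCookies && matchingHosts.length > 0 };
}

// Return only the manifests that warrant a closer look.
function flagRisky(manifests, host) {
  return manifests.map((m) => auditManifest(m, host)).filter((r) => r.canReadSessionCookies);
}

// Constructed sample manifests (not taken from any real extension).
const samples = [
  { name: "Constructed price helper", manifest_version: 3,
    permissions: ["cookies", "storage"], host_permissions: ["*://*.binance.com/*"] },
  { name: "Constructed theme", manifest_version: 3, permissions: ["storage"] },
  { name: "Constructed MV2 tool", manifest_version: 2, permissions: ["cookies", "<all_urls>"] },
  { name: "Constructed news reader", manifest_version: 3,
    permissions: ["cookies"], host_permissions: ["https://news.example/*"] },
];
for (const r of flagRisky(samples, "www.binance.com")) {
  console.log(`${r.name}: cookies permission + ${r.matchingHosts.join(", ")}`);
}
```

A flagged manifest is not proof of malice, since many legitimate extensions request these permissions; it marks the extensions whose purpose should justify that level of access.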
Summary
The Binance crypto hack is a tough lesson for the Chinese man: be careful who you trust on the web, and if you’re using tools, make sure that they serve their purpose and are not Trojan horses in disguise.
It’s always sad to see someone lose their prized possessions, especially a sum close to a million dollars. Incidents happen though, and we need to be prepared for them.
For now, secure yourself from data breaches and identity theft by searching for yourself or your close ones on BreachDirectory or by using the BreachDirectory API to integrate the data inside BreachDirectory into your own system. Until next time.
Frequently Asked Questions — the Crypto Hack
What is the Binance Crypto Hack About?
The recent Binance crypto hack isn’t related to Binance as a service per se; rather, it’s related to one of its users, who lost close to a million dollars after attackers made use of a malicious plugin within Google Chrome.
What Should I Be Aware Of For Similar Things Not to Happen to Me?
For similar things not to happen to you or anyone you know, make sure to double-check (triple-checking won’t hurt) the information you receive, and don’t install any plugin you see without making sure it’s trustworthy.
Why Should I Use Data Breach Search Engines?
You should consider making use of data breach search engines such as BreachDirectory to protect yourself from identity theft. After you’ve made sure that the data breach search engine really is what it claims to be (there are impersonators, so double-check the domain), follow the advice within the website to protect yourself.