In June, news broke that a Binance crypto hack through a malicious Chrome plugin “Aggr” has allowed cyber crooks to steal nearly $1 million from an individual in China. Learn more about this story here.
Cryptocurrency is great: for some, it is an investment, for others, it’s a tool to purchase access to software or other appliances. Regardless, for many, cryptocurrency is a means to an end. However, recently, news broke that a malicious Google Chrome plugin titled “Aggr” was responsible for the theft of almost $1 million USD from an individual in China. Here’s what happened.
According to Binance, a cryptocurrency trader going by the alias of “CryptoNakamao” has installed the crypto plugin into Google Chrome to enhance his cryptocurrency trading capabilities. The Google Chrome plugin wasn’t exactly a trading plugin though — rather, it was something akin to a Trojan Horse that let attackers take control of the crypto assets through a crypto hack. It is said that after installing the Google Chrome plugin, CryptoNakamao accessed Binance (presumably to check the price of his crypto assets) and noticed something was amiss.
After paying close attention, CryptoNakamao noticed some trading activity and suspected a crypto hack. The essence of the crypto hack is said to be as follows:
It appears that the Google Chrome plugin used for the crypto hack was specifically designed in such a way that helped malicious parties to take control of a web browsing session.
So, what can we learn from this crypto hack? One thing is clear: don’t trust any add-on that you see on the web! Another thing would be to check through the tools you use: are you sure that they’re doing the things that they’re supposed to be doing? This crypto hack also signifies that attackers are active every day and that they also make use of cryptocurrency.
Lastly, even if recommendations come from the people you trust, make sure to check on the tools that are recommended for you to use — people can recommend you use a variety of different tooling, but are you sure that this tool won’t harm you in the process?
The Binance crypto hack is a tough lesson for the Chinese man — be careful who you trust on the web and if you’re using tools, make sure that they serve their purpose and are not trojan horses under a disguise too.
It’s always sad to see someone lose their prized possessions — especially a sum close to a million dollars. Incidents happen though, and we need to be prepared for it.
For now, secure yourself from data breaches and identity theft by searching for yourself or your close ones on BreachDirectory or by using the BreachDirectory API to implement the data inside BreachDirectory into your own system, and until next time.
Also, make sure to follow us on X (Twitter), LinkedIn, and Facebook. Join our Discord too!
The recent Binance crypto hack isn’t related to Binance as a service per se — rather, it’s related to one of its users who lost close to a million dollars after attackers have made use of a malicious plugin within Google Chrome.
For similar things not to happen to you or anyone you know, make sure to double-check (triple-checking won’t hurt) the information you receive, and don’t install any plugin you see without making sure it’s trustworthy.
You should consider making use of data breach search engines such as BreachDirectory to protect yourself from identity theft — after you’ve made sure that the data breach search engine is really who it says to be (there are impersonators — double-check the domain), follow the advice within the website to protect yourself.
A hacking group related to North Korea is exploiting a zero-day in the Chromium browser…
What are crypto bubbles, how do they form, and should you worry about them? Learn…
Is the crypto-engine.pro blog legit and should you trust this resource? Learn here!
Reside in Brazil and found that your Twitter account suspended? There’s a good reason for…
This blog covers the recent Black Hat USA 2024 (DEFCON 2024) conference and digs into…
The CEO of Telegram and Telegram Web, Pavel Durov, has been released from custody and…