Hackers Drain Millions from Binance Accounts Using Chrome Plugins

In this post:

  • A Chinese trader on Binance lost $1 million to a hacking scam using a promotional Google Chrome plugin called Aggr. 
  • The trader explained that the hacker used cookies and active login sessions to profit from cross-trading even though 2FA prevented direct withdrawals.
  • The trader argues that “Binance did nothing even though it was aware of the theft and frequent cross-trading.”

A trader has shared their unfortunate experience on X, describing how they lost their entire life savings to an unexpected scam on Binance. CryptoNakamao, a trader with the username ‘X,’ said that his Binance account started trading randomly on May 24. He didn’t notice it until he opened the Binance app to check the price of Bitcoin.

Also Read: The Crypto Community Shows Binance’s CZ Love as He Begins His Prison Sentence

CryptoNakamao begins explaining his ordeal by saying, “I became a victim of an undercover agent in the cryptocurrency circle, and $1 million in my Binance account was wiped out. Until now, I am still confused. This is almost all my savings in the past few years.”

Hackers Target Binance Users with Chrome Plugin 

A Chinese crypto trader was hacked on Binance. Without getting Nakamao’s account password or 2FA, the hacker stole nearly all the funds in his account through ‘counter-trading.’ Nakamao adds “I never thought that my assets would be cleared out in this way. I want to warn crypto investors not to become the next me!”

On his way home, he saw QTUM/BTC rise by 21%, DASH/BTC by 27%, PYR/BTC by 31%, ENA/USDC by 22%, and NEO/USDC by 20% due to purchases on his account. He says that he didn’t notice these operations until he opened his account to check the BTC price an hour and a half later.

According to the trader, the hackers managed to access his web browser cookie data, which they obtained through a Chrome plugin named ‘Aggr.’ Upon installing the plugin, the trader quickly discovered that malicious software had been developed with the intention of stealing users’ web browsing data and cookies.

Using the collected cookies, the hacker hijacked active user sessions without any need for a password or authentication. They then executed multiple leveraged trades, deliberately increasing the price of low liquidity pairs and profiting from these manipulations.

Binance’s Frail Response to the Hack

Despite unusually high trading activity, the trader says that the exchange failed to implement critical security measures. Moreover, despite receiving timely complaints, the exchange failed to take action to halt the behavior. He adds, “But what I didn’t expect was that [..]  the Binance staff still took more than a day to notify Kucoin and Gate to freeze the funds transferred by the hacker.”

During his investigation, the trader uncovered that Binance had prior knowledge of the fraudulent plugin and had already initiated an internal investigation. Although aware of the hacker’s address and the deceptive plugin scam, the trader expressed disappointment in the exchange for not notifying traders or implementing any measures to prevent the fraud.

Nakamao’s adds:

Binance did nothing even though it knew of the theft and frequent cross-trading. Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account in the platform on time.


The trader argues that no matter what, the problem with the plugin could have been announced and worked out weeks before Alpha Tree announced the plugin problem to the crypto community.

The Trader Praises He Yi’s Professionalism

The trader says, “I have no intention of fighting with Binance. I also respect He Yi’s professionalism and character, and I am grateful for sisi’s understanding.” However, this plug-in problem has been around for a while.

Nakamao remains heavily disappointed with the crypto exchange. He adds, “I always read articles about Binance highlighting its security. The word “security” is always included in Binance’s annual summary every year, which makes me full of confidence in Binance.” Nakamao wants his ordeal to be a cautionary tale to all crypto investors using centralized crypto exchanges and hackable plugins.

Cryptopolitan Reporting By Florence Muchai

Subjects tagged in this post: | |

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Subscribe to CryptoPolitan