Stay Vigilant On Browser Plugins

Browser plugins are commonly installed by users as utility tools to enhance efficiency. However, there is a rising trend of malware disguising itself as such plugins, aiming to steal user assets.


🕒 2:41 PM

📅 May 22, 2025

✍️ By ethangeorge

Recent Incident with $1,000,000+ Loss

On June 3rd, 2024, a victim shared on X about losing over one million dollars in their Binance account. The cause was identified as a cookie hijacking attack facilitated by a Chrome browser plugin. You can verify the tweet here.



How Did The Hacker Gain Access? 

The victim had protection layers such as MFA, so the hacker could not withdraw the funds directly. Instead, they drained the assets by executing matched orders on low-liquidity trading pairs.



New Method of Personal Device Attack

In response to the incident, Binance conducted a thorough analysis and identified the compromised personal device as the root cause. The exchange promised ongoing efforts to enhance security measures for its end users. Verify tweet here.







Fraudulent Plugins Mimicking Common Ones

Scammers can replicate plugins to mimic official releases from known companies. They often use paid promotions on social platforms to endorse these plugins with positive reviews, leading users to install them, which can have disastrous consequences.


Plugins Controlled by Hackers

Some plugins, initially designed to offer utility benefits, may become targets for acquisition by hackers once they gain popularity. Hackers may then release new versions with malicious features aimed at stealing user assets.


Safety Tips for Browser Plugins

Thoroughly review plugins or extensions before installation.
Download only official plugins from verified sources.
Limit site access to avoid data being read across websites.
Use clean, plugin-free browsers when accessing accounts holding digital assets.
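
The review and site-access tips above can be partly checked in code. The following is an added example, not code from the original post: a Python check that flags an extension manifest whose permissions would let it read cookies or pages for a site holding assets. The domain exchange.example, the sample manifests and the function names are constructed for illustration.

```python
# Chrome extension API permissions that expose session data or traffic.
RISKY_API = {"cookies", "webRequest", "debugger", "scripting"}

def host_patterns(manifest):
    """Collect match patterns from Manifest V2 and V3 layouts."""
    perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    pats = list(manifest.get("host_permissions", []))              # MV3
    pats += [p for p in perms if p == "<all_urls>" or "://" in p]  # MV2
    for script in manifest.get("content_scripts", []):
        pats += script.get("matches", [])
    return pats

def covers(pattern, domain):
    """True if a match pattern grants access to domain (scheme/path ignored)."""
    if pattern == "<all_urls>":
        return True
    host = pattern.split("://", 1)[-1].split("/", 1)[0]
    if host == "*":
        return True
    if host.startswith("*."):
        return domain == host[2:] or domain.endswith(host[1:])
    return domain == host

def audit(manifest, sensitive_domains):
    """Return findings for one parsed manifest.json."""
    findings = []
    perms = {p for p in manifest.get("permissions", []) if isinstance(p, str)}
    apis = sorted(RISKY_API & perms)
    pats = host_patterns(manifest)
    for domain in sensitive_domains:
        hits = sorted({p for p in pats if covers(p, domain)})
        if hits and "cookies" in apis:
            findings.append(f"HIGH: can read {domain} cookies via {hits}")
        elif hits:
            findings.append(f"MEDIUM: has page access on {domain} via {hits}")
    if apis:
        findings.append(f"INFO: sensitive APIs requested: {apis}")
    return findings

# Constructed sample manifests (not real extensions).
SAMPLES = {
    "pdf-helper": {"manifest_version": 3, "permissions": ["cookies", "storage"],
                   "host_permissions": ["<all_urls>"]},
    "dark-mode": {"manifest_version": 3, "permissions": ["storage"],
                  "content_scripts": [{"matches": ["*://*.news.example/*"]}]},
}

if __name__ == "__main__":
    for name, manifest in SAMPLES.items():
        print(name, audit(manifest, ["exchange.example"]) or "no findings")
```

To check a real extension, parse its manifest.json with json.load and pass the result to audit together with the domains of the sites that hold your assets.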


Log Out After Using Apps Containing Assets

Many users stay logged in continuously to avoid the hassle of repeatedly entering credentials. However, this practice exposes them to the risk of scammers leveraging these active sessions to impersonate the user.