Trader blames ‘slow’ Binance after losing millions to fake Google plugin

, ,
by Protos Staff

A Chinese trader claims that Binance ignored “extremely abnormal transactions” and failed to freeze funds belonging to an “obvious hacker,” leading to them losing their $1 million life savings via a promotional Google plugin.

The trader, who goes by the name ‘CryptoNakamao’ on social media, reportedly used the Aggr plugin to access trading data. However, it actually allowed hackers to find a way around password and two-factor authentication (2FA) protection to gain access to their Binance account.

Once into their account, CryptoNakamao explains that the hacker bought several tokens in the Tether trading pair — which had abundant liquidity – and placed sell orders in Bitcoin, USD Coin, and other trading pairs — which had scarce liquidity.

Then, despite not being able to withdraw funds directly, the hacker was able to open leveraged positions, buy a large amount in excess, and complete their cross-trading.

The trader says they noticed their account trading randomly on May 24 but by the time they got in touch with Binance, it had been drained.

“Throughout the process, the response of Binance staff was very slow and they did not help users recover any losses,” they wrote on X (formerly Twitter).

“Seeing that the exchange interception had completely failed, I sought help from a security company to see if the hacker could be locked down.”

At least $25M lost across three incidents in busy day for crypto hackers

Read more: Big Brother surveillance dystopia is now reality at Binance

Binance knew about the plugin and the hacker’s address

During the course of the investigation, CryptoNakamao claims that, not only had Binance known about the plugin and the nature of the pilot for some time, but it had also received complaints, and had even “tracked down the hacker’s address at least three or four weeks ago.”

Despite this, it still failed to take any action.

Taking to X (formerly Twitter) to vent, CryptoNakamao said:

“Binance knew about the problems with the hacker and the plug-in, but did nothing for several weeks, allowing the promotion to continue, resulting in greater financial losses.

“Hackers manipulated accounts for more than an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control.

“Binance failed to freeze the funds of the obvious hacker’s single account in the platform in a timely manner and it took more than a day before Binance contacted the relevant platform to freeze the transaction.”

Got a tip? Send us an email or ProtonMail. For more informed news, follow us on XInstagramBluesky, and Google News, or subscribe to our YouTube channel.