Hi all,
Want to warn you about a very professional hacking method, just lost 0.25 BTC on Binance with 2FA on:
"You've successfully withdrawn 0.24943000 BTC to the address .
Your withdrawal address is bc1qg793kpstnyarn284ltupcrvwa88yca3e9kqykl,txid is 96d7ac34c2f645787c48cf65637ed379123177b2b08431c7c250f991d5383694"
I recently logged in on Binance, just typed "Binance" in the search bar of google chrome and I was automatically directed to the real Binance website (secure connection). I had to provide my credentials as usual and entered the 2FA code, the page seemed to refresh and I had to enter the 2FA code again. I just figured something went wrong and the site was stuck/blocked or the code was wrong so without thinking twice, I entered the 2FA code again. 1 minute later, altcoins were converted to BTC and a withdrawal was confirmed. I immediately disabled my account and contacted support, I had no clue how this was possible. Support answered that they saw everything was approved and done through my pc and they cannot recover the funds.
Normally you need to use the code in the e-mail to withdraw, but I did not receive a mail from binance, until I started looking for it. It was not visible in my gmail inbox, because all mails from ["[email protected]](mailto:"[email protected])" were filtered out!! After running a virus scan with Avira, I got 1 detection so they did not need any passwords, but were just using my pc to perform all actions on both gmail and binance. They only needed me to enter the 2FA code and they probably corrupted chrome or something, redirecting me to a page looking exactly similar to the 2FA login page as soon as I was logged in. They clearly had access to my chrome, because I did not receive any changes or strange logins on my google account and backup account. However, once you access google chrome from an already approved pc with the right gmail logged in, you don't need any password to get into the mailbox anymore. Bookmarking the binance site would also not have helped, they just had control over my browser so they could probably just as easily change the bookmark too.
Luckily most of my crypto is on a ledger (not your keys, not your coins), but losing 0.25 BTC is still a major hit and as they infected my PC and were very patient, they probably would get a hold of my coins anyway at some point.
Hopefully we can track where these bitcoins are going. Maybe other people got scammed this way and they might try to convert it to dollars at some point...
Don't EVER enter your 2FA code twice in a row. Close the site and try again!!!
Watch your back...
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments