MultiversX Tracker is Live!

I had 2.8BTC lost because of a hacker using my credential in Binance and Binance's late CS response and security policies.

Binance

Cryptocoins Exchanges / Binance 08/01 212 Views

I had 2.8BTC lost because of a hacker using my credential in Binance and Binance's late CS response and security policies.

I already have my case ID ( Case ID #74829694 ) but here is what I want to share.

The event happened on the 18th July. All the time below, if not screenshots or specially mentioned, are in UTC+9 (Japan time).

My computer was compromised because of a trojan and he stole my E-Mail credential and the 2FA authenticating software secret which is located inside the browser (this is a bad habit of mine I know, I recommend you not to do it, and I won't do it anymore), on 17th July near the mid-night.

I have my SMS notice saying I have unauthorized E-Mail login, and then, the Binance login. In the notification from Binance, it recommended me to "Disable my account" and "Contact them" immediately so that it can disable withdrawal from the account for 24 hours.

At that time, I noticed that all the tokens and stakings in my MetaMask and Pancakeswap(worth about 0.3BTC) are gone already. However, luckily, at the time I disabled my Binance account, the balance of my Binance account is still healthy (at about 2.9-3BTC in total).

I contacted customer support immediately and saying that my account was compromised and I have disabled my account. They said that it is escaluated to the security team. However, later in the moring (4:55am) , I had another SMS received :

https://preview.redd.it/82fuyc72qre71.jpg?1170&format=pjpg&auto=webp&s=dee495ba52ef98d63cfaf41566602072a32ab073

They still have NOT have a specialist assigned to me at that time, even if I keep saying I need to have my account "Disable Trading and Withdrawal".

But I contacted them again, even if they has their as-always "response time >6 hrs"

At that time, I cannot control my account.

When I have my account account, it is already about 12:30am on 18th July, because I finally got in contact with their guys.

During these hours, they have about thousands of transactions in my account through API and traded out(where trading partners gain in trades) nearly all the asset from my account. (I exported the trade history as CSV)

https://drive.google.com/file/d/1uBNtAPv31cUclZVFsm7SbdCBzCW_XVQ7/view?usp=sharing

Of course Binance immediately told me, they could not do anything to my lost. "Please read this page to secure your PC and contact the police", they said. I contacted the police on the same day but in the reality, the police of many countries are unwilling to simply send out official documents to a web form that you provided. At the best case, your case got assigned to a specialized team which is not under the same police station you visited. For the case of Japan, they said that it usually takes 6months to 1 year as their experience.

I was super upset and had countless times of sences and senses of suicide in my mind. I couldn't even write down what happened to my friends until today. Because my account was actually keep losing money and the largest sale was at 8:45am. Which is already so many hours after my resonse to the CS. In this kind of normal response time, any one can trade-out nearly all your asset. I think 3BTC is not a small amount in this community either.

Of course I should take care of my security, but I would like to say. Binance is indeed insecure if you compare it to any other financial institutes.

Here are the Reasons:

  1. If your Email is compromised, then the hacker can login and reset all your security items, WITHOUT contacting the Customer Support. , even if your account was disabled within 24 hours,
  2. Even if your account was disabled, trading is NOT disabled. This just disallow them to withdraw but they can still make profit through other controlled accounts. So, their suggestion of "Disabling your account" is actually giving you a false sense of secure, but in reality, this may make you lose your chance to reset your security timely because you are unable to relogin your account. You will be into a race with the hacker.
  3. I have 90% assets of my account lost. Because, Binance Customer Support did not really care about if their CS system is really timely enough to support what they claimed "If you don't recognize this activity, please contact us immediately.". Even if you do in in the first 1 or 2 minute, they can still get back to you after 8 or even 12 hours.

I feel extremely painful (it is nearly all my savings in Japan) while typing this out again even it had been 2 weeks ago. I may have missed out many. but feel free to ask or if you can raise attention to the public, I would be more grateful. Indeed, not only the hacker, I strongly believe that Binance is also responsible in this accident. They don't provide an SLA for their CS response but actually their security routine and remedy rely on their CS. (I hope readers could understand)

Sorry I need to stop and need to ask for some comforts from my friends. I may check out responses/replies (if any) tomorrow if I am mentally strong enough to face this incident again.

submitted by /u/SnooPets7335
[link] [comments]

Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
πŸ’° Install these recommended apps:
πŸ’² SocialGood - 100% Crypto Back on Everyday Shopping
πŸ’² xPortal - The DeFi For The Next Billion
πŸ’² CryptoTab Browser - Lightweight, fast, and ready to mine!
πŸ’° Register on these recommended exchanges:
🟑 Binance🟑 Bitfinex🟑 Bitmart🟑 Bittrex🟑 Bitget
🟑 CoinEx🟑 Crypto.com🟑 Gate.io🟑 Huobi🟑 Kucoin.



Read more

Related Posts

Comments