How $200k of my bitcoin was stolen

Lord777

All the crypto from the exchange was stolen from me! Just kidding, not from me, because I know and follow the rules of digital security very well, and I recommend them to you. Nevertheless, this case is very interesting; it happened quite recently and once again convinces me of the huge number of potential dangers on the Internet.
UPD: Tomorrow I will tell you in more detail about the situation with the government blocking accounts and cards used for cryptocurrency operations.

How did it all start?
There is a moderately popular crypto blogger on YouTube. I will not name him, and you understand why. He reviewed bitcoin, analyzed trading and investments, and accumulated a good amount of bitcoin during his long stay in the market: as much as 4.5 of them. As I understand it, this was a large share of all his funds, so I sincerely sympathize. One day (about three weeks ago) he logged into his Binance account, where all the coins were, and found that they were no longer there.



Download whatever
First of all, on discovering the missing money, the dude of course checked all possible withdrawals from the exchange, and of course the list was empty. In general, it is quite difficult to withdraw money from an exchange just like that, because two-factor authentication is in place and any action requires codes from SMS and email. Nevertheless, the attackers managed to commit the theft, and all thanks to the same NFTs that I have told you about a couple of times.



But first things first. The whole story of the robbery began with social engineering. They wrote to the person on Telegram about cooperation and offered to run some kind of program. In the end he agreed and installed it, but, not being the most naive fool in this cruel world, he checked all the files for malware with a standard antivirus. Clean, but only until the program was installed. A Trojan was then discovered; of course the computer was cleaned and you can go to bed, but ... the RAT had, as it were, already done its job, namely exfiltrated the cookies and logs of the active session on the exchange. That is, the scammers gained access to the Binance account as if from the victim's computer. But what next? How do you withdraw the entire wallet balance?



A $200,000 picture and a fatal vulnerability
Fortunately, CZ took care of the convenience of scammers and forgot to enable two-factor authentication for buying NFTs on the Binance NFT Marketplace. This means that you only need to be logged in to buy digital art. No SMS, no codes. You just click buy and the deal goes through. This is exactly what was done. The thieves bought 2 random cheap NFTs and then put them up for auction for 193 and 5 thousand dollars. Then they simply exchanged all the victim's bitcoin for a stablecoin and bought these NFTs from themselves through the hacked account. The rest was a matter of technique. All the money from the sale went to the same stolen accounts, and from them it was moved on-chain into something like Monero, so that the money could not be tracked. And all of this took place at the moment when the person had just walked away from the computer and forgot to log out of the exchange. The robbery was successful. Binance's support got stuck on its own,



Drawing conclusions
  • Binance has a serious hole that allows money to be withdrawn unhindered. I'm sure they'll fix it soon.
  • This does not mean that we should not use exchanges. You just need to diversify the risks and store most of your funds in cold wallets or in even safer places, which I will tell you about sometime.
  • When using an exchange, the first thing to think about is security: enable every available authentication method and change passwords regularly.
  • Nevertheless, even this is unlikely to help if you pick up a Trojan. And you already know very well what to do about Trojans from my previous posts. We set up a firewall and live happily ever after.
I wish that all your crypto assets stay safe, and that the affected person takes all the mistakes into account and never repeats them. I am sure he will be able to earn even more, and for us this is a great case to be convinced once again of the importance of digital security.
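
The gap described in the post (a logged-in session alone was enough to buy an NFT) is a missing step-up check on a value-moving action. As an added example, not code from the post or from Binance, here is a server-side gate that exempts only a read-only list from the second factor, so a newly added feature is covered by default; the action names, the 300-second window and the device fingerprint field are assumptions.

```python
import time
from dataclasses import dataclass
from typing import Optional

# Assumed action names. Only these are exempt from a second factor; anything
# not listed (including a feature added later) is treated as value-moving.
READ_ONLY = {"view_balance", "view_market", "view_orders"}
STEP_UP_MAX_AGE = 300  # assumed: seconds a completed 2FA challenge stays fresh


@dataclass
class Session:
    user: str
    device_id: str             # device fingerprint recorded at login
    last_2fa_at: float = 0.0   # epoch time of the last completed 2FA challenge
    last_2fa_action: str = ""  # the action that challenge was issued for


def authorize(session: Session, action: str, device_id: str,
              now: Optional[float] = None) -> str:
    """Decide what to do with a request that carries a valid session cookie.

    Returns "allow", "step_up" (ask for a 2FA code) or "reauth" (drop session).
    """
    now = time.time() if now is None else now
    if device_id != session.device_id:
        return "reauth"        # cookie presented by a device that did not log in
    if action in READ_ONLY:
        return "allow"
    fresh = now - session.last_2fa_at <= STEP_UP_MAX_AGE
    if fresh and session.last_2fa_action == action:
        return "allow"         # second factor was just completed for this action
    return "step_up"           # a session cookie alone never moves funds


def complete_2fa(session: Session, action: str,
                 now: Optional[float] = None) -> None:
    """Record a successful 2FA challenge, bound to one specific action."""
    session.last_2fa_at = time.time() if now is None else now
    session.last_2fa_action = action
```

The device comparison is only a first filter, since stolen session data can be replayed so that it looks like the victim's machine; the per-action second factor is what stops the purchase.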