en
Back to the list

Binance user shares update on $70k loss incident highlighting security gaps and response concerns

source-logo  crypto.news 04 March 2024 08:24, UTC

A Binance user, known by the username doomxbt, reported a significant security breach in their account, leading to the loss of a substantial amount of cryptocurrency.

The incident, which unfolded over the past few days, has raised concerns over the security measures of one of the world’s leading cryptocurrency exchanges.

Doomxbt took to social media X to share their ordeal, beginning when they first flagged unauthorized activity on their account on Feb. 29. They reported hearing sound notifications for orders being filled, which was an early indication that their account might have been compromised. Despite having two-factor authentication enabled, suggesting that the account’s security measures were bypassed, doomxbt experienced unexpected trade orders and the processing of loans, culminating in the conversion of assets into BNB tokens and their subsequent withdrawal.

After noticing these unauthorized trades, doomxbt filed a police report on Feb. 29 following advice from blockchain sleuth zachxbt. Despite their proactive approach to cybersecurity, doomxbt’s Binance account was compromised, resulting in unauthorized transactions and the withdrawal of 158.08718191 BNB (Binance Coin) to an external address, leading to a significant loss of $70,000 in digital assets.

update:
I filed the police report on Thursday night like @zachxbt has advised me to. The only attention I received from @binance was two days ago (1st of March), a google meet video call initiated by two "security experts" Gerry & Holic who acted very confused like they have no… pic.twitter.com/jyRArH0Zmm

— 𝔡𝔬𝔬𝔪 (@doomxbt) March 3, 2024

The transaction details provided by the user include a withdrawal address and a transaction ID, highlighting the traceability of the unauthorized movements within the platform.

You might also like: Hackers target Coinbase, Binance staff with phishing clones of Gmail, iCloud

In response to the incident, Binance initiated contact with doomxbt through a Google Meet video call on Mar. 1, featuring two individuals introduced as “security experts” named Gerry and Holic. According to doomxbt, the experts appeared unprepared and requested the user to run two applications, Nettiquette and KnockKnock, to aid in the investigation.

The experts suggested that the hack might have been executed by gaining access to the browser’s cookies, but doomxbt remains unsure of how the breach occurred despite thorough checks of their system.

The user expressed frustration over the handling of their case by Binance, noting a lack of communication and support from the platform’s help desk, social media lead Alex W, and CEO Richard Teng. No apology or indication of compensation for the losses incurred has been received, leaving doomxbt to deal with the aftermath of the hack, which included paranoia over identity theft and the necessity to secure their online presence and financial assets.

Doomxbt’s experience underscores the vulnerabilities users face even with stringent personal cybersecurity measures and the importance of diversified investment strategies to mitigate risks. The incident also highlights the growing scrutiny over cryptocurrency exchanges and their responsibility to safeguard user assets amid increasing reports of security breaches across various platforms, prompting calls for enhanced security measures and more responsive customer support.

Read more: Nigeria fines Binance $10b in forex-rate manipulation probe

crypto.news