Pages:
Author

Topic: My Binance account got hacked (Read 287 times)

full member
Activity: 2590
Merit: 228
February 20, 2021, 12:18:11 AM
#26
Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.


Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.
Is this really possible ? to Bypass your Phone verification ? or your device is the one who got compromised , so the hacker got directly to your account because Binance has a tight security feature to make us safe.
and the hacker obviously has no idea about your activity because if he does then surely he will never tempt hacking your 3$  Grin
but with this post i have got alarmed and maybe find another exchange to use because this is not a usual way of hacking when bypassing the security features happen.
copper member
Activity: 1190
Merit: 3
February 19, 2021, 05:01:14 PM
#25
This is where two-factor authentication (2FA) comes into the picture. If it is an email or SMS code, one can easily know if someone is trying to access your account and also can save the breach. Having said so, it is becoming very difficult to save account information in this hacking situation. As you mentioned, we should not have all assets in one place. Diversity always works and everywhere.
member
Activity: 700
Merit: 14
February 19, 2021, 10:25:11 AM
#24
I'm not sure what you see.  How to access with Email + SMS authentication, in addition, passwords can be hacked by hackers, but not through email and SMS authentication, even 2FA.  
It could be your negligence by not adopting the best security mechanisms.
I don't think binace could do anything bad to damage their reputation!  3 $ lol
sr. member
Activity: 1115
Merit: 253
DGbet.fun - Crypto Sportsbook
February 18, 2021, 03:48:33 AM
#23
First i wonder about your story but then i remember that binance exchange already hacked severel time. Scammers took fund from users who used 2FA, authentication & others security.so you are right, hacking isn't big thing for any exchange no matter how strong their security is.so i also recommended people not to keep big fund on exchange rather buy and use hardware wallet like trezor,ledger for keep your fund safe
hero member
Activity: 3024
Merit: 629
February 17, 2021, 02:03:49 AM
#22
Good thing there's only $3 usdt on your account and wont hurt you that much. This is one of the reason why I dont hold my coins on exchange no matter how reputable it is (and has high security) because there's nothing impossible on hacker once they are determine to get your account.

Its a good reminder to be careful on storing your coins. Make sure you have your keys and dont hold on exchange if you dont have plan to trade it yet.
sr. member
Activity: 854
Merit: 364
Enjoy 500% bonus + 70 FS
February 16, 2021, 12:09:23 PM
#21
Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.
A very good point by you because its very hard to do this all just one case account is compromised or victim of phishing because I personally using Binance account I have 3 security options enable so feeling much secure with this all.
sr. member
Activity: 2506
Merit: 368
February 16, 2021, 12:02:47 PM
#20
Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.
The only explanation coming to my mind is hacker gets access to the PC with remote control apps. If the OP holds the 2FA keys and password lists on the hard disk, it is easy peasy for a hacker to track everything, hijack it or even download the ransomware to the device. After getting the access to remote control app, the simple login to the chrome database and taking the copy of the 2FA app will easily let the hacker repeat the same withdrawal over and over. Better safe than sorry, so I never keep remote control apps on my desktop pc.
Correct me if I'm wrong here but OP said these lines...
Now i leave that account. I won't use it again. Bad luck for hardworker hacker Grin. And i spend almost 7 hours to remove my all account details what i stored on some drive site.
It keeps me thinking maybe he did put some personal details on any drive site and the hacker got some access to that site or it could be that OPs computer is compromised already and without having the 2fa turned on. Huh
That's an easy access to the hacker but luckily OP already managed to sent those funds to some exchange or traded with fiat already.

Let's take this lesson for everyone that be very cautious about of your personal stuffs especially in online. So put up everything every security measures you can in order to avoid someone gaining easy access to your account. Always put the 2FA to always get notified if someone is ratting your account.
hero member
Activity: 2058
Merit: 538
Leading Crypto Sports Betting & Casino Platform
February 15, 2021, 04:56:13 PM
#19
Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.
The only explanation coming to my mind is hacker gets access to the PC with remote control apps. If the OP holds the 2FA keys and password lists on the hard disk, it is easy peasy for a hacker to track everything, hijack it or even download the ransomware to the device. After getting the access to remote control app, the simple login to the chrome database and taking the copy of the 2FA app will easily let the hacker repeat the same withdrawal over and over. Better safe than sorry, so I never keep remote control apps on my desktop pc.
legendary
Activity: 2688
Merit: 1065
Undeads.com - P2E Runner Game
February 15, 2021, 04:45:45 PM
#18
Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.
legendary
Activity: 3094
Merit: 1127
February 15, 2021, 03:37:07 PM
#17
Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Binance sets a 2FA by default thru email or mobile number. Everyone can't just login to Binance without entering a code from these.

Also wonder how OP got hacked. Maybe you left your PC or device and people around you sneak into it, as you won't get logged out automatically once you log in. Like here on my PC, it was login since the other day but unless I log out or cleared my browsing data, it will remain online. I don't know how long the login session in Binance is.
Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.
Its true that Binance do really require out those security measures first before you can able to proceed thats why its really hard to believe on that he hasnt able to set those things
first and good thing that op did able to pull out his funds earlier and that was indeed a close call.The mindset of not to store up coins on an exchange did really save up his ass.
Security breaches situations like these are common.Even though its selective ones but i do agree on what had said that hackers are always 1 step ahead this is why we should really be careful.
legendary
Activity: 2436
Merit: 1008
February 15, 2021, 12:12:08 PM
#16
Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Binance sets a 2FA by default thru email or mobile number. Everyone can't just login to Binance without entering a code from these.

Also wonder how OP got hacked. Maybe you left your PC or device and people around you sneak into it, as you won't get logged out automatically once you log in. Like here on my PC, it was login since the other day but unless I log out or cleared my browsing data, it will remain online. I don't know how long the login session in Binance is.
legendary
Activity: 3234
Merit: 1130
Leading Crypto Sports Betting & Casino Platform
February 15, 2021, 06:45:03 AM
#15
when I had a blockchain.com account I was constantly receiving 2F sms and it wasn’t me trying to login. it was some thief who always tried to login to my account and then I changed the password. but I stopped using blockchain.com

In the case of Binance:

if you do day trade you will inevitably have to keep some funds in the binance so put a strong password and 2F
hero member
Activity: 3038
Merit: 634
February 15, 2021, 01:49:48 AM
#14

I have heard that hackers can impersonate the google authenticator app but the mobile phone sim 2fa is more secure.  I wonder if it's true ?
Never heard of it but it is possible to happen. But how can they access one's account by just having the 2FA?hmm, maybe they can also do that.

But the other trick can happen through sim swap if they have authenticator on their sims.
hero member
Activity: 2856
Merit: 618
Leading Crypto Sports Betting & Casino Platform
February 15, 2021, 12:11:51 AM
#13
Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.


Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

You were using 2fa on google authenticator or on your mobile phone sim ?
I have heard that hackers can impersonate the google authenticator app but the mobile phone sim 2fa is more secure.  I wonder if it's true ?
member
Activity: 196
Merit: 15
Sovryn - Brings DeFi to Bitcoin
February 14, 2021, 01:59:51 PM
#12


I don't know how people can do this? I used strong password and also use all security option but no result this bloody f**king person got access my account.
But the bad thing for him my account had only $3 usdt Grin
Because i don't hold my money to any centralized wallet or exchange. Ohh god i saved my money because 6 feb i withdrawn my all amount from binance. God save me.

Some tips for everyone
  • Avoid to hold big amount on any exchange or wallet. No matter how much security it has. Because scammer are also powerful  Lips sealed
  • Do not save your any account details on any online source like drive or notepad type. I suggest you to avoid keep it on device. Best option is write in paper.
  • try to avoid clicking promotional link you got from email.
[/b]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker Grin. And i spend almost 7 hours to remove my all account details what i stored on some drive site.
You make the hackers work more easier the moment you failed to activate 2fa authentication and also one time passcode that must be sent to your mobile number, anyways thanks for sharing will be more careful
full member
Activity: 826
Merit: 104
February 14, 2021, 04:33:10 AM
#11
You have been lucky in this situation and I think this is not just for you, but for everyone using exchanges.  Always be careful with keeping your account information as well as personal information in the places where you feel most comfortable.  And restrict access to bad websites, prevent dangerous things from coming into contact with your computer.  But in fact, people will remember longer and know how to react when they have been really hacked 😅.
full member
Activity: 1330
Merit: 147
February 13, 2021, 06:05:30 PM
#10
Depend on the person actually, you will be find if yourong term investment, you can store your asset into hardwallet. But for those trader I guess they can't do withdraw everyday. They should store their money at least one week in the exchange.

There is a way which can make your account save actually, even just a have a little chance for the hacker got your account. You can choose google authenticator, this password is changed in one minute. Until now, I use google authenticator and its work to me. I never been hacked, they only tried to hack my email account.
legendary
Activity: 1197
Merit: 1001
February 13, 2021, 04:12:40 PM
#9
Now i leave that account. I won't use it again. Bad luck for hardworker hacker Grin. And i spend almost 7 hours to remove my all account details what i stored on some drive site.

I suggest you claim it back. Never leave accounts to hackers and scammers. As of now, they have at least some piece of information about you. And if you leave the account like that, the hackers can use it further.
hero member
Activity: 3024
Merit: 745
🌀 Cosmic Casino
February 13, 2021, 03:49:05 PM
#8
Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.


Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.
Why ask if you've said that you know it and if you're using many kinds of security for that account. Do you remember websites that you login with the same login details of yours in your Binance account?
Or do you remember if you ever login or connected your Binance account to any website that requires it?
legendary
Activity: 2366
Merit: 1272
Heisenberg
February 13, 2021, 03:26:20 PM
#7

Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.
It could also be through a malware on your computer which can spy on almost all activity on your computer including recording what you type, your login credentials, even your 2FA codes or back up codes. I have seen a case where a malware (R.A.T - Remote Access Trojan) was used to access someone's funds and withdraw all of it.

I would advise to just format your PC and install a fresh OS. Abandoning an account might not help if the malware is still there in your device
Pages:
Jump to: