My Binance account got hacked | Bitcointalksearch.org

kotajikikox

full member

Activity: 2366

Merit: 207

★Bitvest.io★ Play Plinko or Invest!

Quote from: Imran232 on February 13, 2021, 01:54:14 PM

Quote from: Little Mouse on February 12, 2021, 01:15:50 PM

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Brother i don't know how? But i already mentioned that i used all type of security. Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

Is this really possible ? to Bypass your Phone verification ? or your device is the one who got compromised , so the hacker got directly to your account because Binance has a tight security feature to make us safe.
and the hacker obviously has no idea about your activity because if he does then surely he will never tempt hacking your 3$ Grin

but with this post i have got alarmed and maybe find another exchange to use because this is not a usual way of hacking when bypassing the security features happen.

forexandcryptoauditor

copper member

Activity: 1162

Merit: 3

This is where two-factor authentication (2FA) comes into the picture. If it is an email or SMS code, one can easily know if someone is trying to access your account and also can save the breach. Having said so, it is becoming very difficult to save account information in this hacking situation. As you mentioned, we should not have all assets in one place. Diversity always works and everywhere.

777Jolami

member

Activity: 700

Merit: 14

I'm not sure what you see. How to access with Email + SMS authentication, in addition, passwords can be hacked by hackers, but not through email and SMS authentication, even 2FA.
It could be your negligence by not adopting the best security mechanisms.
I don't think binace could do anything bad to damage their reputation! 3 $ lol

JahriMeayer

sr. member

Activity: 876

Merit: 253

Vave.com - Crypto Casino

First i wonder about your story but then i remember that binance exchange already hacked severel time. Scammers took fund from users who used 2FA, authentication & others security.so you are right, hacking isn't big thing for any exchange no matter how strong their security is.so i also recommended people not to keep big fund on exchange rather buy and use hardware wallet like trezor,ledger for keep your fund safe

lienfaye

hero member

Activity: 2912

Merit: 629

Good thing there's only $3 usdt on your account and wont hurt you that much. This is one of the reason why I dont hold my coins on exchange no matter how reputable it is (and has high security) because there's nothing impossible on hacker once they are determine to get your account.

Its a good reminder to be careful on storing your coins. Make sure you have your keys and dont hold on exchange if you dont have plan to trade it yet.

GbitG

sr. member

Activity: 714

Merit: 288

Quote from: chaser15 on February 15, 2021, 05:45:45 PM

Quote from: milewilda on February 15, 2021, 04:37:07 PM

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

A very good point by you because its very hard to do this all just one case account is compromised or victim of phishing because I personally using Binance account I have 3 security options enable so feeling much secure with this all.

Oceat

sr. member

Activity: 2506

Merit: 368

Quote from: Danslip on February 15, 2021, 05:56:13 PM

Quote from: chaser15 on February 15, 2021, 05:45:45 PM

Quote from: milewilda on February 15, 2021, 04:37:07 PM

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

The only explanation coming to my mind is hacker gets access to the PC with remote control apps. If the OP holds the 2FA keys and password lists on the hard disk, it is easy peasy for a hacker to track everything, hijack it or even download the ransomware to the device. After getting the access to remote control app, the simple login to the chrome database and taking the copy of the 2FA app will easily let the hacker repeat the same withdrawal over and over. Better safe than sorry, so I never keep remote control apps on my desktop pc.

Correct me if I'm wrong here but OP said these lines...

Quote from: Imran232 on February 12, 2021, 01:12:57 PM

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

It keeps me thinking maybe he did put some personal details on any drive site and the hacker got some access to that site or it could be that OPs computer is compromised already and without having the 2fa turned on. Huh

That's an easy access to the hacker but luckily OP already managed to sent those funds to some exchange or traded with fiat already.

Let's take this lesson for everyone that be very cautious about of your personal stuffs especially in online. So put up everything every security measures you can in order to avoid someone gaining easy access to your account. Always put the 2FA to always get notified if someone is ratting your account.

Danslip

hero member

Activity: 2058

Merit: 538

Leading Crypto Sports Betting & Casino Platform

Quote from: chaser15 on February 15, 2021, 05:45:45 PM

Quote from: milewilda on February 15, 2021, 04:37:07 PM

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

The only explanation coming to my mind is hacker gets access to the PC with remote control apps. If the OP holds the 2FA keys and password lists on the hard disk, it is easy peasy for a hacker to track everything, hijack it or even download the ransomware to the device. After getting the access to remote control app, the simple login to the chrome database and taking the copy of the 2FA app will easily let the hacker repeat the same withdrawal over and over. Better safe than sorry, so I never keep remote control apps on my desktop pc.

chaser15

legendary

Activity: 2688

Merit: 1065

Undeads.com - P2E Runner Game

Quote from: milewilda on February 15, 2021, 04:37:07 PM

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

milewilda

legendary

Activity: 3094

Merit: 1127

Quote from: agustina2 on February 15, 2021, 01:12:08 PM

Quote from: Little Mouse on February 12, 2021, 01:15:50 PM

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Binance sets a 2FA by default thru email or mobile number. Everyone can't just login to Binance without entering a code from these.

Also wonder how OP got hacked. Maybe you left your PC or device and people around you sneak into it, as you won't get logged out automatically once you log in. Like here on my PC, it was login since the other day but unless I log out or cleared my browsing data, it will remain online. I don't know how long the login session in Binance is.

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.
Its true that Binance do really require out those security measures first before you can able to proceed thats why its really hard to believe on that he hasnt able to set those things
first and good thing that op did able to pull out his funds earlier and that was indeed a close call.The mindset of not to store up coins on an exchange did really save up his ass.
Security breaches situations like these are common.Even though its selective ones but i do agree on what had said that hackers are always 1 step ahead this is why we should really be careful.

agustina2

legendary

Activity: 2436

Merit: 1008

Quote from: Little Mouse on February 12, 2021, 01:15:50 PM

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Binance sets a 2FA by default thru email or mobile number. Everyone can't just login to Binance without entering a code from these.

Also wonder how OP got hacked. Maybe you left your PC or device and people around you sneak into it, as you won't get logged out automatically once you log in. Like here on my PC, it was login since the other day but unless I log out or cleared my browsing data, it will remain online. I don't know how long the login session in Binance is.

Slow death

legendary

Activity: 2968

Merit: 1095

Leading Crypto Sports Betting & Casino Platform

when I had a blockchain.com account I was constantly receiving 2F sms and it wasn’t me trying to login. it was some thief who always tried to login to my account and then I changed the password. but I stopped using blockchain.com

In the case of Binance:

if you do day trade you will inevitably have to keep some funds in the binance so put a strong password and 2F

sunsilk

hero member

Activity: 2884

Merit: 620

Quote from: noormcs5 on February 15, 2021, 01:11:51 AM

I have heard that hackers can impersonate the google authenticator app but the mobile phone sim 2fa is more secure. I wonder if it's true ?

Never heard of it but it is possible to happen. But how can they access one's account by just having the 2FA?hmm, maybe they can also do that.

But the other trick can happen through sim swap if they have authenticator on their sims.

noormcs5

hero member

Activity: 2632

Merit: 613

Leading Crypto Sports Betting & Casino Platform

Quote from: Imran232 on February 13, 2021, 01:54:14 PM

Quote from: Little Mouse on February 12, 2021, 01:15:50 PM

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Brother i don't know how? But i already mentioned that i used all type of security. Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

You were using 2fa on google authenticator or on your mobile phone sim ?
I have heard that hackers can impersonate the google authenticator app but the mobile phone sim 2fa is more secure. I wonder if it's true ?

CashbackLover

member

Activity: 196

Merit: 15

Sovryn - Brings DeFi to Bitcoin

Quote from: Imran232 on February 12, 2021, 01:12:57 PM

I don't know how people can do this? I used strong password and also use all security option but no result this bloody f**king person got access my account.
But the bad thing for him my account had only $3 usdt Grin

Because i don't hold my money to any centralized wallet or exchange. Ohh god i saved my money because 6 feb i withdrawn my all amount from binance. God save me.

Some tips for everyone

Avoid to hold big amount on any exchange or wallet. No matter how much security it has. Because scammer are also powerful
Do not save your any account details on any online source like drive or notepad type. I suggest you to avoid keep it on device. Best option is write in paper.
try to avoid clicking promotional link you got from email.

[/b]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

You make the hackers work more easier the moment you failed to activate 2fa authentication and also one time passcode that must be sent to your mobile number, anyways thanks for sharing will be more careful

ElmedoRator

full member

Activity: 826

Merit: 104

You have been lucky in this situation and I think this is not just for you, but for everyone using exchanges. Always be careful with keeping your account information as well as personal information in the places where you feel most comfortable. And restrict access to bad websites, prevent dangerous things from coming into contact with your computer. But in fact, people will remember longer and know how to react when they have been really hacked 😅.

Ridwan Fauzi

full member

Activity: 1330

Merit: 147

Depend on the person actually, you will be find if yourong term investment, you can store your asset into hardwallet. But for those trader I guess they can't do withdraw everyday. They should store their money at least one week in the exchange.

There is a way which can make your account save actually, even just a have a little chance for the hacker got your account. You can choose google authenticator, this password is changed in one minute. Until now, I use google authenticator and its work to me. I never been hacked, they only tried to hack my email account.

Dutchyyy

legendary

Activity: 1197

Merit: 1001

Quote from: Imran232 on February 12, 2021, 01:12:57 PM

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

I suggest you claim it back. Never leave accounts to hackers and scammers. As of now, they have at least some piece of information about you. And if you leave the account like that, the hackers can use it further.

tabas

hero member

Activity: 2954

Merit: 725

Top Crypto Casino

Quote from: Imran232 on February 13, 2021, 01:54:14 PM

Quote from: Little Mouse on February 12, 2021, 01:15:50 PM

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Brother i don't know how? But i already mentioned that i used all type of security. Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

Why ask if you've said that you know it and if you're using many kinds of security for that account. Do you remember websites that you login with the same login details of yours in your Binance account?
Or do you remember if you ever login or connected your Binance account to any website that requires it?

JeromeTash

legendary

Activity: 2100

Merit: 1208

Heisenberg

Quote from: Imran232 on February 13, 2021, 01:54:14 PM

Brother i don't know how? But i already mentioned that i used all type of security. Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

It could also be through a malware on your computer which can spy on almost all activity on your computer including recording what you type, your login credentials, even your 2FA codes or back up codes. I have seen a case where a malware (R.A.T - Remote Access Trojan) was used to access someone's funds and withdraw all of it.

I would advise to just format your PC and install a fresh OS. Abandoning an account might not help if the malware is still there in your device

Topic: My Binance account got hacked (Read 247 times)