BitmeNews.com

Binance User Loses 2 BTC After Hacker Steals Password, How to Prevent Theft

e0aef43c1f0f00db8d1c155795c3c37e

Amidst the brutal market conditions, a Reddit user, BeanThe5th, has somehow managed to get in more trouble than the market is currently in, reportedly losing two Bitcoin in a hack. 

Reddit User Loses Two Bitcoin In Binance Hack

Yesterday, BeanThe5th made a thread in the popular /r/cryptocurrency subreddit, regarding a theft that has occurred on his or her Binance account. Many users who saw this Reddit thread were quite surprised, as it has become common knowledge that Binance is one of the most reputable and secure exchanges that exist.

According to the aforementioned Reddit user, the thieves took two Bitcoins from their account. However, Binance has a daily withdrawal limit in place for unverified users, which stopped the criminals from taking all $50,000 worth of cryptocurrencies from the account. Although some larger investors may see this as a restriction, in this situation, this limit luckily saved a majority of the user’s funds.

The hackers also managed to take control of all of the user’s social media pages, along with any other accounts associated with the hacked email addresses. The user also had cryptoassets on other exchanges but confirmed that the funds on the other exchanges were safe and locked on these exchanges.

How Did This Occur?

The hacker(s) managed to get past the often secure two-factor authentication (2FA) by using a ‘SIM swap’ method. This method of intrusion requires the criminals to pretend to be the targeted individual. The criminal will then need to contact the individual’s phone provider, getting the provider to move all SIM information onto the hacker’s phone. This allows for all two-factor security messages to be sent to the hacker’s phone instead of the original user’s device.

As well, the attackers also managed to take control of the user’s Google Authenticator account, which Binance uses as another layer of security.

Due to the fact that they also had access to the passwords of the individual, it became an easy task to get funds withdrawn from Binance after taking control of the 2FA accounts. 

With all these factors in mind, it has become apparent that this attack was meticulous and most likely required an immense amount of planning prior attack’s execution. 

A representative from Binance quickly responded as the post skyrocketed to the front page of the most popular cryptocurrency subreddit. Jager, Binance customer support team member, asked for the affected user to procure their support ticket ID, to help expedite the case.

Bean answered with his ticket ID as requested, with the representative from Binance confirming that the account had been locked just a few minutes later.

Security Methods

Some Reddit users suggested alternative methods to make sure that an attack on a cryptocurrency user’s funds won’t happen again.

Reddit user JohnnyK10 recommended a security method to the affected user, saying:

Dont keep 50k worth of coins on a exchange. A cold hardware wallet is your safest bet.

Many cryptocurrency experts, along with large holders, believe that it is best to hold large amounts of cryptocurrencies in a secure hardware wallet, like the Ledger Nano. This greatly reduces the risk of hacking, some saying removing all risk of attack entirely.

Products like the Ledger and Trezor are easy to use and support a wide variety of popular cryptocurrencies. As well, most hardware wallets cost under $150 U.S. dollars, making them a logical security method for users who are aware of these fantastic devices. 

Due to the severity of the attack, others speculated that there must have been an attack on the user’s computer, with a keylogger or activity tracker implanted being the most likely scenario. When using a hardware wallet, it removes any risk of a keylogger attack, even if the hardware wallet is plugged into the computer. Hardware wallets keep all sensitive information on the device, using extremely secure channels to help verify transactions using a private key. 

If users do not opt-in to buy a hardware wallet, it is suggested by many to keep up to date with the proper computer security programs, which have become increasingly secure.

Think about it, buying a $150 hardware wallet or $100 security program will help many users mitigate the risk of an attack on thousands of dollars worth of their cryptocurrencies.

As more attacks like this occur, it will only begin to make even more sense for investors to keep their funds under lock and key.

happy-woman-walking-on-beach-PL6FA7H.jpg

SanFair Newsletter

The latest on what’s moving world – delivered straight to your inbox