Bitcoin Forum
November 14, 2024, 10:08:23 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: I was hacked with the Fake Binance  (Read 636 times)
marketcoin2 (OP)
Newbie
*
Offline Offline

Activity: 61
Merit: 0


View Profile
January 29, 2018, 03:21:38 PM
Last edit: January 31, 2018, 01:00:20 AM by marketcoin2
 #1

Today, to login binance, I used google search (lazy ass) and click on google top ad (stupid of me). I check https and certification was secure and the name (nothing wrong there), and after entering my password and code for two step authentication, it displayed this massage:

Due to the implementation of new security measures you will be able to login 24-48 hours later.
Sorry for the inconvenience


I got suspicious, so I typed the address and went back and googled the massage and I came across this page. Apparently the displayed name in the url with valid certification has a small dot under n. So I was hacked, lucky me I change my passwords and my authentication method asap. But It was headache and normally it is not easy to spot this. You can also copy past the fake binance.com in a notepad and see that original url is : (https://www.xn--binace-zt7b.com/).

I know I was sloppy (even being normally paranoid about everything).
I am putting this here to stop anybody losing his BTCs.

EDIT:
Currently, the link is being redirected to the main website! which is really strange! It sounds like the hackers now redirecting the link true their server to avoid people knowing about them!


(https://www.xn--binace-zt7b.com/), hold you mouse pointer on the link and look for the bottom left corner of your browser, you can see the"." under n in their fake binance.com! I am now sure actually that they are redirecting to the main to avoid losing their phishing method!

This redirecting happened recently!

shulio
Legendary
*
Offline Offline

Activity: 1540
Merit: 1016


View Profile
January 30, 2018, 03:13:52 PM
 #2

Phishing sites started to use this method, using non latin characters, that look like latin characters, on domain names to fake the site. Beware about this method on all sites you use for trading and instead of google search or clicking links, manually type the site names.
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
January 30, 2018, 03:22:44 PM
Last edit: January 30, 2018, 03:42:28 PM by mjglqw
 #3

Are you sure the fake link you provided is a phishing link? I opened it on a VM and it just redirects me to the real binance, but with a referral link.

302 redirect brought me to binance.com/?ref=40581024

» t3rminal.xyz «
Telegram Alert Bots for Traders
bitcoinisbest
Hero Member
*****
Offline Offline

Activity: 1218
Merit: 557


View Profile
January 30, 2018, 03:32:27 PM
 #4

This is happening a lot and due to this when you login to original binance site you get this days this Safety Risk Notice. They have mentioned some points which as a user needs to take care while login to the exchange. Consider it as a important safety measure which they are notifying their users right in the front page after login happens successfuly.
DanielRR1997
Member
**
Offline Offline

Activity: 196
Merit: 14


View Profile
January 30, 2018, 03:33:35 PM
 #5

Phishers are becoming more and more sophisticated in designing their phony websites. There's no surefire way to know if you're on a phishing site, but here are some hints that can help you distinguish a real website from a phishing site. Check the Web address. Just because the address looks OK, don't assume you're on a legitimate site. Look in your browser's URL bar for these signs that you may be on a phishing site:

1 - Incorrect company name. Often the web address of a phishing site looks correct but actually contains a common misspelling of the company name or a character or symbol before or after the company name

2- A missing forward slash. To verify that you're on a legitimate site, make sure a forward slash ( / ) appears after ".com" in the URL bar.
maimainguyen05
Full Member
***
Offline Offline

Activity: 252
Merit: 105


Stake & Vote or Become a IoTeX Delegate!


View Profile
January 30, 2018, 05:44:19 PM
 #6

You're not the only one fell into the trap like this and not only Binance, Myetherwallet also has the same kind of phising site. Only 1 careless second you can lose everything you earned for years. You should be more careful next time to not give any free money for hackers and lazy fucking guys just wanna hack money from other people anymore.

Ayamj
Full Member
***
Offline Offline

Activity: 350
Merit: 100



View Profile
January 30, 2018, 05:57:57 PM
 #7

Wow, I I feel your pain, have u try contacting you binance support?
marketcoin2 (OP)
Newbie
*
Offline Offline

Activity: 61
Merit: 0


View Profile
January 30, 2018, 06:11:05 PM
Last edit: January 31, 2018, 01:27:37 AM by marketcoin2
 #8

Are you sure the fake link you provided is a phishing link? I opened it on a VM and it just redirects me to the real binance, but with a referral link.

302 redirect brought me to binance.com/?ref=40581024

It was redirecting to fake one, and now what you are saying happening that is confusing! maybe Binance.com was somehow involved or were hacked or they just toke over the fake website (I am not accusing anybody, I am just confused!!!)EDIT: check the original post!

Here is the screenshot of the google search and the top ad:

https://image.ibb.co/iDDu4R/binancefake.png

The only way now I can find  to avoid this problem is to check the certification of the website and issuer by clicking on the secure icon (green) in the browser:

Binance.com has certification from comodo (the authority of issuing some of the https certification)

while the fake one has a weird certification issuer and company name was :xn--binace-zt7b
marketcoin2 (OP)
Newbie
*
Offline Offline

Activity: 61
Merit: 0


View Profile
January 30, 2018, 06:12:47 PM
 #9

Phishing sites started to use this method, using non latin characters, that look like latin characters, on domain names to fake the site. Beware about this method on all sites you use for trading and instead of google search or clicking links, manually type the site names.
You're not the only one fell into the trap like this and not only Binance, Myetherwallet also has the same kind of phising site. Only 1 careless second you can lose everything you earned for years. You should be more careful next time to not give any free money for hackers and lazy fucking guys just wanna hack money from other people anymore.

exactly, I think we should be more careful and educate people to avoid this problem!
marketcoin2 (OP)
Newbie
*
Offline Offline

Activity: 61
Merit: 0


View Profile
January 30, 2018, 06:14:02 PM
 #10

Wow, I I feel your pain, have u try contacting you binance support?

I did not lose anything, and I was fast to change my password, my authentication method, etc! But I should contact them, to just let them know!
allohha
Full Member
***
Offline Offline

Activity: 672
Merit: 176



View Profile
January 30, 2018, 06:56:17 PM
Merited by hovrah (20), senin (6)
 #11

The news that the world's largest exchanges - Binance, Bitfinex, Bittrex - suspended registration of new users, or tightened registration conditions, only spurred most of the newcomers to buy crypto currency (especially with such a strong fall of bitcoin) and try to register on the stock exchanges all the truth.

Of course, on this wave enterprising swindlers decided to sell accounts on stock exchanges. The price of the account today depends on the degree of verification that the user has passed and at the moment reaches 15 BTC! You will be surprised, but many did not at all confuse such a "gypsy" scheme of buying an account. Perhaps in the pursuit of the dream of becoming a bit-keen multi-billionaire, enthusiasts simply did not calculate that even after changing the password, the swindler can easily regain the account and skimp on all your hard-earned money somewhere in Thailand.
buytheeffinD
Full Member
***
Offline Offline

Activity: 266
Merit: 101


The revolutionary AI gaming ecosystem


View Profile WWW
January 30, 2018, 06:59:18 PM
 #12

Wow, I I feel your pain, have u try contacting you binance support?

I did not lose anything, and I was fast to change my password, my authentication method, etc! But I should contact them, to just let them know!

You most definitely should but thank you for bringing it to our attention because now investors who visit bct can now beware of this problem as well. Glad you didn't lose anything either that would have been a shitty situation.

hovrah
Sr. Member
****
Offline Offline

Activity: 756
Merit: 250



View Profile
January 30, 2018, 07:01:52 PM
 #13

The news that the world's largest exchanges - Binance, Bitfinex, Bittrex - suspended registration of new users, or tightened registration conditions, only spurred most of the newcomers to buy crypto currency (especially with such a strong fall of bitcoin) and try to register on the stock exchanges all the truth.

Of course, on this wave enterprising swindlers decided to sell accounts on stock exchanges. The price of the account today depends on the degree of verification that the user has passed and at the moment reaches 15 BTC! You will be surprised, but many did not at all confuse such a "gypsy" scheme of buying an account. Perhaps in the pursuit of the dream of becoming a bit-keen multi-billionaire, enthusiasts simply did not calculate that even after changing the password, the swindler can easily regain the account and skimp on all your hard-earned money somewhere in Thailand.
Binance for example, This is almost a converted Forex. So I and possibly many other users do not strongly respect this exchange and do not consider one of the leaders in the trade in crypto currency. But in general, information is confirmed in many media.
Reatim
Sr. Member
****
Offline Offline

Activity: 3024
Merit: 383



View Profile
January 30, 2018, 07:16:40 PM
 #14

Today, to login binance, I used google search (lazy ass) and click on google top ad (stupid of me). I check https and certification was secure and the name (nothing wrong there), and after entering my password and code for two step authentication, it displayed this massage:

Due to the implementation of new security measures you will be able to login 24-48 hours later.
Sorry for the inconvenience


I got suspicious, so I typed went back and googled the massage and I came across this page. Apparently the displayed name in the url with valid certification has a small dot under n. So I was hacked, lucky me I change my passwords and my authentication method asap. But It was headache and normally it is not easy to spot this. You can also copy past the fake binance.com in a notepad and see that original url is : (https://www.xn--binace-zt7b.com/).

I know I was supply (even being normally paranoid about everything.
I am putting this here to stop anybody losing his BTCs.



Thanks for the fair warning. I have no Binance account but this would really help a lot of members to try and be sure that they are in the correct URL so that they are not going to be phished and loss their coins on the exchanges. That's why its important to bookmark the trading platform, there are a lot of hackers who will do anything to stole money out of their unsuspecting victims.

I'm sure that there are already who fall for this and can't do anything but to blame themselves because of their mistakes. Very hard lessons to swollen and it comes at a big cost for others. Good thing though that you are really quick to change everything.

██████
██
▀▀







▄▄
██
██████

░▄██████████████▀█▀▀████████▄░
███████████░░▀██▄░▀▄░█████████
███████████▄▄▄░▀▀▄░░█░████████
██████████▀▀░░░▄▄░░░▀░░███████
████████▀░░░░▀▀█▀░░░░░████████
███▀████▀░░░░░░░░░░░░████▀▀██
███▄████▀▀▀████░░░░░░░████▄▄██
█▀▀▀▀▀▀▀▀▀▀█████░░░░░░██▀▀▀▀▀█
█▄▄▄███████▀█░░░░░░░░▀███▄▄▄█
█████▄▄▄▄███▄▄▄▄▄▄▄▄▄█████████
█████▀▀▀███████████████▀▀██▄██
░▀████████████████▄▄▄▄██████▀░
First Ever⠀⠀⠀───── Powered by: BSC Network
Leverage Driven CLMM + DLMM Model
───▸Dynamic Fee Structure    ───▸Revenue Sharing
.
.       █
.  █   ███
. ███  ███   █
. ███▄▀███▄ ███
▀▀███  ███ ▀███ ▄
. ███  ▀█▀  ███▀█▀
. ███   ▀   ███
.  █        ▀█▀
.            ▀
Trade
.
. ▄▄▄▄▄▄▄    ▄▄▌‎▐▄▄
▄█▀  ▄  ▀█ ███▀▄▄▀███
█    █    ████ ▀█▄████
█    ▀▀▀▀ ████▀█▄ ████
▀█▄      ▄ ███▄▀▀▄███▀
. ▀▀█▄▄█▀   ▀▀█▌‎▐█▀▀
.▄▄▄▄▄
.████████▀▄ ▄▄▄██▀
.   ▀▀▀██████▀▀
Lend
.
.        ▄█
.     ▄███▄▄▄
.   ▀██████████
.     ▀███▀▀▀███
▄    ▄▄  ▀    ▀█
███▄▄███▄
▀█████████▄
. ▀▀▀████▀
.    █▀
Swap
.
.     ██▄▄
.   ██████
.    ████
.  ▄██▄▄▄██▄
.▄████▀ ▀█████
▄█████ ▀███████
██████▀▀ ██████
███████▄███████
.▀▀█████████▀▀
Earn
.

WHITELIST ME
██████
██
▀▀







▄▄
██
██████
marketcoin2 (OP)
Newbie
*
Offline Offline

Activity: 61
Merit: 0


View Profile
January 30, 2018, 09:06:59 PM
Last edit: January 30, 2018, 10:34:17 PM by marketcoin2
 #15

Wow, I I feel your pain, have u try contacting you binance support?

I did not lose anything, and I was fast to change my password, my authentication method, etc! But I should contact them, to just let them know!

You most definitely should but thank you for bringing it to our attention because now investors who visit bct can now beware of this problem as well. Glad you didn't lose anything either that would have been a shitty situation.

It would have been, i agree!  Wink
marketcoin2 (OP)
Newbie
*
Offline Offline

Activity: 61
Merit: 0


View Profile
January 30, 2018, 09:09:25 PM
 #16

Today, to login binance, I used google search (lazy ass) and click on google top ad (stupid of me). I check https and certification was secure and the name (nothing wrong there), and after entering my password and code for two step authentication, it displayed this massage:

Due to the implementation of new security measures you will be able to login 24-48 hours later.
Sorry for the inconvenience


I got suspicious, so I typed went back and googled the massage and I came across this page. Apparently the displayed name in the url with valid certification has a small dot under n. So I was hacked, lucky me I change my passwords and my authentication method asap. But It was headache and normally it is not easy to spot this. You can also copy past the fake binance.com in a notepad and see that original url is : (https://www.xn--binace-zt7b.com/).

I know I was supply (even being normally paranoid about everything.
I am putting this here to stop anybody losing his BTCs.



Thanks for the fair warning. I have no Binance account but this would really help a lot of members to try and be sure that they are in the correct URL so that they are not going to be phished and loss their coins on the exchanges. That's why its important to bookmark the trading platform, there are a lot of hackers who will do anything to stole money out of their unsuspecting victims.

I'm sure that there are already who fall for this and can't do anything but to blame themselves because of their mistakes. Very hard lessons to swollen and it comes at a big cost for others. Good thing though that you are really quick to change everything.

I would be happy if I could have helped people for losing their investment.
Bookmarking is a good idea, I will do it to avoid feuture problem with other websites!
Willitivity
Sr. Member
****
Offline Offline

Activity: 1190
Merit: 256


View Profile
January 30, 2018, 09:19:31 PM
 #17

There's always a phishing attacks and spams in the crypto space. People have always been scammed one thing or the other.
It all boils down to being self secured and never clicking on untrusted links.
Thanks for bringing up this here, everyone gotta be extra careful.
Fatunad
Sr. Member
****
Offline Offline

Activity: 2296
Merit: 360


View Profile
January 30, 2018, 09:59:59 PM
 #18

Today, to login binance, I used google search (lazy ass) and click on google top ad (stupid of me). I check https and certification was secure and the name (nothing wrong there), and after entering my password and code for two step authentication, it displayed this massage:

Due to the implementation of new security measures you will be able to login 24-48 hours later.
Sorry for the inconvenience


I got suspicious, so I typed the address and went back and googled the massage and I came across this page. Apparently the displayed name in the url with valid certification has a small dot under n. So I was hacked, lucky me I change my passwords and my authentication method asap. But It was headache and normally it is not easy to spot this. You can also copy past the fake binance.com in a notepad and see that original url is : (https://www.xn--binace-zt7b.com/).

I know I was sloppy (even being normally paranoid about everything).
I am putting this here to stop anybody losing his BTCs.



That was a close one and luckily you did able to change password before the hacker did able to stole funds inside that account. Even my eyes fooled me in my first glimpse of the phishing site which it do have actually a small dot under that letter i. If you are really very lazy then checking this small difference of detail cant really be noticed which you would really end up on entering your credentials.
Bitcoincole
Full Member
***
Offline Offline

Activity: 504
Merit: 102



View Profile
January 30, 2018, 10:15:32 PM
 #19

Today, to login binance, I used google search (lazy ass) and click on google top ad (stupid of me). I check https and certification was secure and the name (nothing wrong there), and after entering my password and code for two step authentication, it displayed this massage:

Due to the implementation of new security measures you will be able to login 24-48 hours later.
Sorry for the inconvenience


I got suspicious, so I typed the address and went back and googled the massage and I came across this page. Apparently the displayed name in the url with valid certification has a small dot under n. So I was hacked, lucky me I change my passwords and my authentication method asap. But It was headache and normally it is not easy to spot this. You can also copy past the fake binance.com in a notepad and see that original url is : (https://www.xn--binace-zt7b.com/).

I know I was sloppy (even being normally paranoid about everything).
I am putting this here to stop anybody losing his BTCs.



That was a close one and luckily you did able to change password before the hacker did able to stole funds inside that account. Even my eyes fooled me in my first glimpse of the phishing site which it do have actually a small dot under that letter i. If you are really very lazy then checking this small difference of detail cant really be noticed which you would really end up on entering your credentials.


Yes, i agree with you mate. Well, to avoid from fake website(binance) or phishing site. You always check if that website that you browse are in a security padlock mode if you don't see that sign you might in wrong website that you transacted.
chaser15
Legendary
*
Offline Offline

Activity: 2688
Merit: 1065


Undeads.com - P2E Runner Game


View Profile
January 30, 2018, 10:41:55 PM
 #20

Today, to login binance, I used google search (lazy ass) and click on google top ad (stupid of me). I check https and certification was secure and the name (nothing wrong there), and after entering my password and code for two step authentication, it displayed this massage:

Due to the implementation of new security measures you will be able to login 24-48 hours later.
Sorry for the inconvenience


I got suspicious, so I typed the address and went back and googled the massage and I came across this page. Apparently the displayed name in the url with valid certification has a small dot under n. So I was hacked, lucky me I change my passwords and my authentication method asap. But It was headache and normally it is not easy to spot this. You can also copy past the fake binance.com in a notepad and see that original url is : (https://www.xn--binace-zt7b.com/).

I know I was sloppy (even being normally paranoid about everything).
I am putting this here to stop anybody losing his BTCs.




The Google ad Top is a legit site based on my own search. Maybe it depend on search filter per location and unfortunately you hit that scam site. I checked all details and still the top search with ad ended up as a legit one as far as my own location is concerned. You can also report that to Google for them to erased that link on seach result.

Anyways thanks for the warning and people must always look at the url if it's correct. For more security, enabled 2FA and bookmarked the official url of Binance which is https://www.binance.com .

💀|.
   ▄▄▄▄█▄▄              ▄▄█▀▀  ▄▄▄▄▄█      ▄▄    ▄█▄
  ▀▀▀████████▄  ▄██    ███▀ ▄████▀▀▀     ▄███   ▄███
    ███▀▄▄███▀ ███▀   ███▀  ▀█████▄     ▄███   ████▄
  ▄███████▀   ███   ▄███       ▀▀████▄▄███████████▀
▀▀███▀▀███    ███ ▄████       ▄▄████▀▀████   ▄███
 ██▀    ▀██▄  ██████▀▀   ▄▄█████▀▀   ███▀   ▄██▀
          ▀▀█  ▀▀▀▀ ▄██████▀▀       ███▀    █▀
                                      ▀
.
.PLAY2EARN.RUNNER.GAME.
||VIRAL
REF.SYSTEM
GAME
|
████████████████████████████
████████████████████████████
████████████████████████████
██████ ▄▀██████████  ███████
███████▄▀▄▀██████  █████████
█████████▄▀▄▀██  ███████████
███████████▄▀▄ █████████████
███████████  ▄▀▄▀███████████
█████████  ████▄▀▄▀█████████
███████  ████████▄▀ ████████
████████████████████████████
████████████████████████████
████████████████████████████
████████████████████████████
████████████████████████████
████████████████████████████
████████▀▀▄██████▄▀▀████████
███████  ▀        ▀  ███████
██████                ██████
█████▌   ███    ███   ▐█████
█████▌   ▀▀▀    ▀▀▀   ▐█████
██████                ██████
███████▄  ▀██████▀  ▄███████
████████████████████████████
████████████████████████████
████████████████████████████
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!