My Binance account got hacked

[Imran232]

I don't know how people can do this? I used strong password and also use all security option but no result this bloody f**king person got access my account.
But the bad thing for him my account had only $3 usdt
Because i don't hold my money to any centralized wallet or exchange. Ohh god i saved my money because 6 feb i withdrawn my all amount from binance. God save me.

Some tips for everyone

• Avoid to hold big amount on any exchange or wallet. No matter how much security it has. Because scammer are also powerful 
• Do not save your any account details on any online source like drive or notepad type. I suggest you to avoid keep it on device. Best option is write in paper.
• try to avoid clicking promotional link you got from email.

[/b]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

[Little Mouse]

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

[Findingnemo]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

What if your device got compromised which resulted into the account got hacked? So possibly even if you keep your coins in the wallets which are at the risk now...

Reported to mod already!

[Imran232]

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

[Imran232]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

What if your device got compromised which resulted into the account got hacked? So possibly even if you keep your coins in the wallets which are at the risk now...

Possible but what can i do now? I do not have any other choice.

Reported to mod already!

Ok

[Findingnemo]

Reported to mod already!

Ok

Why did you moved the thread back again to META from Exchanges section, last time I checked this thread was located in exchanges section.

This binance stuff has nothing to do with bitcointalk and its development so let it be in the appropriate section or it will be trahed.

[JeromeTash]

Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

It could also be through a malware on your computer which can spy on almost all activity on your computer including recording what you type, your login credentials, even your 2FA codes or back up codes. I have seen a case where a malware (R.A.T - Remote Access Trojan) was used to access someone's funds and withdraw all of it.

I would advise to just format your PC and install a fresh OS. Abandoning an account might not help if the malware is still there in your device

[tabas]

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

Why ask if you've said that you know it and if you're using many kinds of security for that account. Do you remember websites that you login with the same login details of yours in your Binance account?
Or do you remember if you ever login or connected your Binance account to any website that requires it?

[Dutchyyy]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

I suggest you claim it back. Never leave accounts to hackers and scammers. As of now, they have at least some piece of information about you. And if you leave the account like that, the hackers can use it further.

[Ridwan Fauzi]

Depend on the person actually, you will be find if yourong term investment, you can store your asset into hardwallet. But for those trader I guess they can't do withdraw everyday. They should store their money at least one week in the exchange.

There is a way which can make your account save actually, even just a have a little chance for the hacker got your account. You can choose google authenticator, this password is changed in one minute. Until now, I use google authenticator and its work to me. I never been hacked, they only tried to hack my email account.

[ElmedoRator]

You have been lucky in this situation and I think this is not just for you, but for everyone using exchanges.  Always be careful with keeping your account information as well as personal information in the places where you feel most comfortable.  And restrict access to bad websites, prevent dangerous things from coming into contact with your computer.  But in fact, people will remember longer and know how to react when they have been really hacked 😅.

[CashbackLover]

I don't know how people can do this? I used strong password and also use all security option but no result this bloody f**king person got access my account.
But the bad thing for him my account had only $3 usdt
Because i don't hold my money to any centralized wallet or exchange. Ohh god i saved my money because 6 feb i withdrawn my all amount from binance. God save me.

Some tips for everyone

• Avoid to hold big amount on any exchange or wallet. No matter how much security it has. Because scammer are also powerful 
• Do not save your any account details on any online source like drive or notepad type. I suggest you to avoid keep it on device. Best option is write in paper.
• try to avoid clicking promotional link you got from email.

[/b]

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

You make the hackers work more easier the moment you failed to activate 2fa authentication and also one time passcode that must be sent to your mobile number, anyways thanks for sharing will be more careful

[noormcs5]

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Brother i don't know how? But i already mentioned that i used all type of security.  Like Email verification, phone verification and 2fa also. Now i don't how he/she bypass all of this. But no matter he Couldn't take anything from me.

You were using 2fa on google authenticator or on your mobile phone sim ?
I have heard that hackers can impersonate the google authenticator app but the mobile phone sim 2fa is more secure.  I wonder if it's true ?

[sunsilk]

I have heard that hackers can impersonate the google authenticator app but the mobile phone sim 2fa is more secure.  I wonder if it's true ?

Never heard of it but it is possible to happen. But how can they access one's account by just having the 2FA?hmm, maybe they can also do that.

But the other trick can happen through sim swap if they have authenticator on their sims.

[Slow death]

when I had a blockchain.com account I was constantly receiving 2F sms and it wasn’t me trying to login. it was some thief who always tried to login to my account and then I changed the password. but I stopped using blockchain.com

In the case of Binance:

if you do day trade you will inevitably have to keep some funds in the binance so put a strong password and 2F

[agustina2]

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Binance sets a 2FA by default thru email or mobile number. Everyone can't just login to Binance without entering a code from these.

Also wonder how OP got hacked. Maybe you left your PC or device and people around you sneak into it, as you won't get logged out automatically once you log in. Like here on my PC, it was login since the other day but unless I log out or cleared my browsing data, it will remain online. I don't know how long the login session in Binance is.

[milewilda]

Don't you have your 2FA enabled? If yes, how can anyone access your account? If you are not using 2FA, please enable.
And, this post should be here in meta. Meta is for forum issue purpose. You can post it in exchange sub board.

Binance sets a 2FA by default thru email or mobile number. Everyone can't just login to Binance without entering a code from these.

Also wonder how OP got hacked. Maybe you left your PC or device and people around you sneak into it, as you won't get logged out automatically once you log in. Like here on my PC, it was login since the other day but unless I log out or cleared my browsing data, it will remain online. I don't know how long the login session in Binance is.

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.
Its true that Binance do really require out those security measures first before you can able to proceed thats why its really hard to believe on that he hasnt able to set those things
first and good thing that op did able to pull out his funds earlier and that was indeed a close call.The mindset of not to store up coins on an exchange did really save up his ass.
Security breaches situations like these are common.Even though its selective ones but i do agree on what had said that hackers are always 1 step ahead this is why we should really be careful.

[chaser15]

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

[Danslip]

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

The only explanation coming to my mind is hacker gets access to the PC with remote control apps. If the OP holds the 2FA keys and password lists on the hard disk, it is easy peasy for a hacker to track everything, hijack it or even download the ransomware to the device. After getting the access to remote control app, the simple login to the chrome database and taking the copy of the 2FA app will easily let the hacker repeat the same withdrawal over and over. Better safe than sorry, so I never keep remote control apps on my desktop pc.

[Oceat]

Try to look back again on the image that OP posted where it prompt that theres a new log in session on a new IP which basically means that it is logged in on other place.

This is what I'm always thinking. Should not be possible to log in elsewhere. Even I will type my Binance password here, no one can breach that account easily.

In my case, Binance APP needs both mobile number and email verification. Passwords are different on my email and Binance. On Binance website, a mobile number is needed. And with that, the hacker still found a way to breach OP's account.

OP do something wrong here for sure. No way the hacker can just enter an account without the general details. Where the hacker found the email? the number? Or maybe OP is a victim of phishing or using the same login credential on all accounts.

The only explanation coming to my mind is hacker gets access to the PC with remote control apps. If the OP holds the 2FA keys and password lists on the hard disk, it is easy peasy for a hacker to track everything, hijack it or even download the ransomware to the device. After getting the access to remote control app, the simple login to the chrome database and taking the copy of the 2FA app will easily let the hacker repeat the same withdrawal over and over. Better safe than sorry, so I never keep remote control apps on my desktop pc.

Correct me if I'm wrong here but OP said these lines...

Now i leave that account. I won't use it again. Bad luck for hardworker hacker . And i spend almost 7 hours to remove my all account details what i stored on some drive site.

It keeps me thinking maybe he did put some personal details on any drive site and the hacker got some access to that site or it could be that OPs computer is compromised already and without having the 2fa turned on.
That's an easy access to the hacker but luckily OP already managed to sent those funds to some exchange or traded with fiat already.

Let's take this lesson for everyone that be very cautious about of your personal stuffs especially in online. So put up everything every security measures you can in order to avoid someone gaining easy access to your account. Always put the 2FA to always get notified if someone is ratting your account.