If you have a Binance account and use SMS authentication on your cell phone, be careful. According to reports, hackers are cloning the phone numbers of the exchange’s customers to gain access to their accounts. The purpose of the scam is to reach the cryptocurrencies held in those accounts and steal them. The scam mainly affects those who use two-factor authentication (2FA) only by cell phone. With the cloned number, hackers gain access to that mechanism and steal the cryptocurrencies. The flaw affected at least three exchange customers who had numbers from the operator Claro.
Cloning and API access
The first warning was given by Marcello Paz, founder of O2 Research and the Criptocapitalistas channel, in a video recorded on Thursday (2). In the video, Paz said that one of the students in his course received a message from Binance saying that his cryptocurrencies had been withdrawn. In an interview with CriptoFácil, Paz said that two people reported the same problem at the same time. In all cases, the cell phone number was cloned and the cryptocurrencies stolen. The theft was possible because, in possession of the number, the hacker created an API key with the withdrawal function in the victims’ Binance accounts. “In all three cases, the hacker logged into Binance’s account and created an API with the withdrawal function. Brokers typically require users to have 2FA enabled for security reasons before making withdrawals. However, if you register an API key – to make automated trades, for example – it is possible to enable a withdrawal function via API without doing the 2FA,” he said. Although the API does not require 2FA validation to make withdrawals, this validation is required for the withdrawal function to be created. Thus, the hacker managed to steal the users’ 2FA and create the withdrawal function, which allowed him to steal the cryptocurrencies.
Half a million in losses
After seeing withdrawals being made that he had not requested, the user alerted Paz and the course members. Ether (ETH) and Bitcoin (BTC) were withdrawn, in an amount equivalent to R$ 12 thousand. That’s just from one of the accounts. Then other people began to report similar cases. One of them had no less than 2 BTC withdrawn from their account, which is equivalent to R$ 520,000 at the current price. “My student was able to see that 10 or 15 days ago, they had managed to access his account from another country. At the same time, they reported that their cell phone chips stopped working the same day the account was accessed by 2FA via SMS. In other words, someone managed to hack the chip, make the owner no longer have access to the number and use it to steal the cryptocurrencies without the owners knowing,” said Paz.

In summary, the process that led to the scam was as follows:

1. the chip (in all cases, belonging to operator Claro) stopped working;
2. the chip was cloned;
3. hackers access Binance and ask to reset the password;
4. with the cloned chip, hackers are able to receive the code via email and on the cell phone;
5. the hacker logs into your Binance account with the new password and creates an API key;
6. the hacker waits for the release time and requests the withdrawal, without needing SMS or email confirmation due to the API key.

Apparently, the responsibility for the incident did not lie with Binance, but rather with a security breach, as the hacker gained access to two forms of validation of the users’ accounts: email and SMS. The broker even started to prevent the creation of APIs with the withdrawal function, which indicates that it may be aware of the situation.
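The sequence summarized above (password reset, then a withdrawal-enabled API key, then a withdrawal through that key) leaves a recognizable trail in account events. The sketch below is an added example, not code from Binance or from the article; the event fields, the thresholds and the sample log are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events; field names are hypothetical, not a Binance log format.
EVENTS = [
    {"ts": "2021-09-01T09:00", "account": "alice", "type": "login", "country": "BR"},
    {"ts": "2021-09-03T08:00", "account": "bob", "type": "login", "country": "BR"},
    {"ts": "2021-09-05T10:00", "account": "bob", "type": "api_key_created", "country": "BR", "perms": ["trade", "withdraw"]},
    {"ts": "2021-09-10T14:02", "account": "alice", "type": "password_reset", "country": "XX"},
    {"ts": "2021-09-10T14:05", "account": "alice", "type": "login", "country": "XX"},
    {"ts": "2021-09-10T14:09", "account": "alice", "type": "api_key_created", "country": "XX", "perms": ["trade", "withdraw"]},
    {"ts": "2021-09-12T14:30", "account": "alice", "type": "withdrawal", "country": "XX", "via": "api"},
]

RESET_WINDOW = timedelta(hours=24)  # assumed: period after a reset in which the session is untrusted
HOLD = timedelta(days=7)            # assumed: hold applied to withdrawals made with a flagged key

def review(events):
    """Return (alerts, held_withdrawals) for a list of account events."""
    known = {}       # account -> countries seen on logins outside a reset window
    last_reset = {}  # account -> time of the most recent password reset
    risky_keys = {}  # account -> creation time of a flagged API key
    alerts, held = [], []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        acct, kind, reset = ev["account"], ev["type"], last_reset.get(ev["account"])
        recent_reset = reset is not None and ts - reset <= RESET_WINDOW
        if kind == "login":
            if not recent_reset:  # a login right after a reset must not "teach" a new country
                known.setdefault(acct, set()).add(ev["country"])
        elif kind == "password_reset":
            last_reset[acct] = ts
        elif kind == "api_key_created" and "withdraw" in ev.get("perms", []):
            if recent_reset and ev["country"] not in known.get(acct, set()):
                risky_keys[acct] = ts
                alerts.append((acct, ev["ts"], "withdraw-enabled API key after reset, unseen country"))
        elif kind == "withdrawal" and ev.get("via") == "api":
            made = risky_keys.get(acct)
            if made is not None and ts - made <= HOLD:
                held.append((acct, ev["ts"]))  # hold for out-of-band confirmation
    return alerts, held
```

Calling `review(EVENTS)` flags the key created on the account that was reset from an unseen country and holds the API withdrawal that follows, while the key created from a known country with no preceding reset passes.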
Security Tips
The scam in question involves a serious security breach. While the weight tends to fall on exchanges, users also need to protect themselves. In this sense, it is worth adopting some tips to protect your accounts at brokerages. The first tip is to never use SMS or email to activate 2FA, as these can be hacked. Instead, prefer apps like Authy or Google Authenticator. Another option is to use a physical 2FA device such as Key-ID or YubiKey, which are not in contact with the internet. “The most secure methods for 2FA are physical devices with FIDO/FIDO2 protocols, present in Yubikeys, Key-ID and even in hardware wallets like Trezor and Ledger,” said a security expert, on condition of anonymity. Also make sure your account has a strong password and avoid using services like Gmail and Hotmail. Prefer services like ProtonMail, which are more secure and privacy-oriented. However, the main tip is reinforced by Paz: “If you don’t want to trade your cryptocurrencies, don’t leave them on the exchange! Ideally have a hardware wallet and store your cryptocurrencies in it. Using it correctly, and keeping custody with you, it’s impossible for a hacker to steal your money,” he said.
Safety is priority at Binance
In a statement, Binance informed CriptoFácil that user safety is a priority on the platform: “Binance regrets that its users have been victims of scams and informs that it is working to introduce additional layers of security into the Binance.com platform. number one priority in Binance. We’ve invested countless hours and resources to ensure our platform is protected from hackers, including incorporating big data analytics and artificial intelligence technologies to help us prevent attacks. We’ve partnered with a number of cybersecurity and compliance companies. Still, the best security partnership we can build is with the Binance community itself. Each and every user has the power to ensure the community stays away from malicious actors, starting with maintaining regular habits that help keep accounts safe. Such as: We recommend that all devices are protected with the latest version of the antivirus software of your choice and that regular scans are scheduled. from your trust circle For additional tips, go to Binance’s blog and learn how to keep your devices safe