Reddit user BeanThe5th just got himself hacked, reportedly losing 2 BTC from his Binance account.
Yesterday, BeanThe5th posted in the popular /r/cryptocurrency subreddit about the theft that occurred on their Binance account. Redditors were quite shocked to see this, as Finance is usually regarded as one of the most secure crypto exchanges.
According to his post, the hackers took two bitcoins from his account. However, since Binance has a daily withdrawal limit for unverified users, the hackers were unable to take more from his account, saving his $50,000 worth of cryptocurrencies. While some investors may see this daily withdrawal limit as a restriction, this time, this limit saved the users’ funds from being drained.
The hackers also gained control of all of BeanThe5th’s social media and accounts associated with his hacked email. BeanThe5th was able to confirm that funds he had on other exchanges were luckily safe and locked on those exchanges.
The attackers got past the often secure Two-factor authentication (2FA) used by most exchanges by using what is known as a ‘SIM swap” Basically, the hackers pretended to be the targetted user, then contact the individual’s phone service provider, and have the provider move all SIM information to the hacker’s phone. This then allows for all 2FA messages to be sent to the hackers instead of the owner’s device.
The hackers also somehow gained control of the user’s Google Authenticator account, something that Binance uses as an added layer of security.
With password access gained, it became mere child’s play to withdraw funds from his Binance account.
Binance’s representatives acted quickly, with their customer care specialists asking for the affected user’s support ID ticket to help expedite the case. Binance later confirmed to the user that the accounts had been locked just a few minutes later.
Redditors were quick to offer alternative methods to make sure attacks on crypto assets are prevented.
One popular choice is using a cold wallet. Reddit user JohnnyK10 said in a reply to the post that:
“Don’t keep 50k worth of coins on an exchange. A cold hardware wallet is your safest bet.”
Most experts believe that it is always a good bet to hold large amounts of cryptocurrencies in a secure hardware wallet. This approach greatly reduces risks of hacks, with some asserting this removes the risk of attacks completely.
Some Redditors speculated that due to the severity and complexity of the attack BeanThe5th suffered, it was possible a keylogger or a form of activity tracker may have been placed on his devices or computer. Using a hardware wallet removes this risk as well.
It is also suggested that if you do not opt to use a hardware wallet, to make sure your computer security programs are up to date, to lessen the risk of intrusion.
With more attacks like this happening, it only makes sense that an investor will take the proper steps to secure their accounts, and keep their funds under guard.