AI face-swapping and plugin traps, two security incidents caused user losses exceeding ten million

Author: Tuo Luo Finance

Security incidents are not uncommon in traditional finance, and in the dark forest-like world of anonymous cryptocurrencies, they are even more prevalent.

Data shows that in May alone, there were 37 typical security incidents in the crypto space, with total losses due to hacking, phishing scams, and Rug Pulls amounting to $154 million, an increase of about 52.5% compared to April.

On June 3, two security incidents occurred again, slightly different from other events in that both were associated with large exchanges, and the processes were quite bizarre, with the end of the story leaving some happy and some worried.

On June 3, a user named Nakamao posted a long article on the X platform that went viral, mentioning that "he became a victim in the crypto space, with $1 million in his Binance account disappearing into thin air." In his detailed account, a series of hacker thefts unfolded.

It is said that on May 24, while Nakamao was still at work and had all communication devices with him, hackers managed to steal all the funds in his account without obtaining his Binance account password or two-factor authentication (2FA) instructions, by using wash trading.

Wash trading, in simple terms, involves making large trades in illiquid trading pairs, where one party massively buys to absorb the hacker's sell-off, ultimately allowing the hacker to obtain actual funds or stablecoins through a certain altcoin, while the buyer takes over the altcoins from the seller. This method of theft is not uncommon on exchanges; in 2022, FTX experienced a wash trading theft of up to $6 million due to a 3commas API KEY leak, which was settled at the time by SBF using cash capabilities. Subsequently, Binance also experienced large-scale wash trading. The malicious aspect of this model lies in the fact that for exchanges with poor risk control, it appears to be a very ordinary trading behavior, with no abnormal theft detected.

In this case, QTUM/BTC, DASH/BTC, PYR/BTC, ENA/USDC, and NEO/USDC were selected, using the user's large funds to purchase assets that rose over 20%. The user did not notice any of the hacker's operations until more than an hour later when checking account information.

According to responses from security companies, the hacker manipulated the user’s account by hijacking webpage cookies, essentially utilizing terminal data saved on the web. A typical example is that when we enter a certain interface on the internet, we do not need to log in with an account password because we have already left historical access and default records.

At this point, it may just be a case of user negligence, but the situation became even more bizarre afterward. After the theft, Nakamao immediately contacted customer support and Binance co-founder He Yi, providing the UID to the security team, hoping to freeze the hacker's funds in a short time. However, Binance staff took a full day to notify Kucoin and Gate, and unsurprisingly, the hacker's funds had already vanished without a trace. Moreover, the hacker only used one account and did not disperse the accounts, smoothly withdrawing all funds from Binance. Throughout the entire process, the user did not receive any security alerts, and ironically, due to the large buy transactions, the next day, Binance even sent him an invitation email to become a spot market maker.

In the aftermath, a seemingly ordinary Chrome plugin called Aggr came into Nakamao's view. This plugin is used for viewing market data on websites. According to the victim, he saw multiple overseas KOLs promoting it for several months, so he downloaded it out of personal need.

To briefly explain, plugins can perform multiple operations; theoretically, they can not only log into trading accounts through malicious extensions and access user account information for trading but also withdraw funds and modify account settings. The core reason lies in the extensive permissions the plugin has to access, operate network requests, access browser storage, and manipulate the clipboard.

After discovering issues with the plugin, Nakamao immediately contacted the KOL to inquire and advised the KOL to notify users to stop using the plugin. However, unexpectedly, the boomerang hit Binance at that moment. According to Nakamao's initial account, Binance had already been aware of the plugin's issues, as a similar case occurred in March of this year, and Binance had tracked down the hacker afterward. Perhaps to avoid alerting the snake, they did not promptly notify users to suspend the product and even allowed the KOL to continue communicating with the hacker, making Nakamao the next victim.

Logging in and trading with just cookies indicates that Binance's mechanism must have certain issues, but the incident was indeed caused by user negligence, making accountability a challenge.

Sure enough, Binance's response afterward caused a stir in the market. Besides the official account reviewing that the cause was a hacker attack, Binance did not pay attention to the relevant information about the AGGR plugin. In a WeChat group, He Yi also commented on the incident, stating, "This is a case where the user's own computer was hacked; even gods can't save them, and Binance can't compensate for the user's device being compromised."

Nakamao clearly could not accept Binance's actions, believing that Binance had failed in risk control, and that the KOL had clearly confirmed mentioning the plugin to the Binance team, implying that Binance had knowledge but did not report it. As public opinion continued to ferment, Binance responded again, stating that they would apply for a reward as a return for users reporting malicious plugins.

Just when it seemed the matter had come to a close, interestingly, on June 5, the incident took a turn. Nakamao once again posted on the X platform, publicly apologizing to Binance, stating that there was an information gap with Binance and that he had subjective assumptions. In reality, Binance was not aware of the plugin's situation; they first learned of the aggr.trade website on May 12, not in March as previously mentioned. Moreover, the KOL was not an undercover agent for Binance; the KOL communicated with Binance regarding account issues, not plugin issues.

Regardless of the truth of these statements, the attitude has made a 180-degree turn, from disappointment to public apology, indicating that Binance must have compensated him in some way, although the specific amount remains unknown.

On the other hand, coincidentally, on June 3, besides Binance, OKX was also affected. An OKX user claimed in the community that their account was hacked through AI face-swapping, with $2 million being transferred out. This incident occurred in early May. According to the user, the reason for the account theft was unrelated to personal leaks; instead, the hacker logged into the email account, clicked "forgot password," and simultaneously created a fake ID and an AI face-swapping video, bypassing the firewall, further changing the phone number, email, and Google authenticator, and then stole all assets within 24 hours.

Although the video was not seen, from the user's description, it can be inferred that the AI-generated video was very poorly made. Nevertheless, it still breached OKX's risk control system, leading the user to believe that OKX also bore responsibility and hoped for full compensation. However, upon closer analysis, it can be determined that the perpetrator must have been familiar with the user and understood their habits and account balance, indicating that it was likely an insider job. The user also mentioned in the letter that they had friends who were always with them. Under normal circumstances, OKX would not compensate for this. Currently, this user has reported the matter to the police and plans to seek recovery through law enforcement.

The crypto community has widely discussed these two incidents. Of course, from a security perspective, although many emphasize that self-custody of wallets ensures absolute control over assets, it must be acknowledged that exchanges are generally safer than personal control, primarily because they increase the number of communication parties. Exchanges can at least connect with and contact direct third parties, and regardless of the outcome, they will at least intervene in the investigation. If communication is handled properly, victims may receive compensation, but if a self-custody wallet is hacked, there is almost no institution to fall back on.

However, the need for security improvements in current exchanges is urgent. Large trading platforms control most users' assets, and given the difficulty of recovering crypto assets, security should be prioritized. In traditional finance, almost every logout requires re-entering a password to prevent account control, and transfers usually require additional verification methods. Therefore, the community suggests that trading platforms should add password lock features, implement 2FA verification before trading, and require re-verification after IP changes, or adopt multi-party security MPC verification to decentralize passwords, sacrificing user experience to enhance security. However, some users believe that repeated verification is too cumbersome for high-frequency trading, making it impractical.

He Yi also responded, stating, "Currently, we have added big data alerts and manual double confirmations for sudden price fluctuations, which will also provide users with reminders; we will increase the verification frequency for plugin operations and cookie authorizations. In this scenario, trading passwords are not applicable, but Binance will increase security verification steps based on user differences."

Returning to the starting point, from these two incidents, users need to pay close attention and enhance their security awareness. While diversifying asset placement, it is advisable to use completely independent devices for operations, recommend using decentralized authentication, avoid prioritizing convenience, refrain from setting up password exemptions and live authentication, be cautious with plugins, and for large assets, use hardware wallets for storage.

After all, crypto assets are different from physical assets; physical assets can at least be tracked, while the theft of crypto assets is almost impossible to recover due to regulatory constraints, and even filing a case can be quite difficult.

Such cases are not uncommon. In a recent report by 1818 Golden Eye, a typical example emerged. The victim, Mr. Zhu, discovered a person on Zhihu claiming to have made millions through trading cryptocurrencies, named "Cheng Qiqi," and hoped to follow him to make money. After negotiation, they signed a contract for profit-sharing, clearly stating that 70% of the profits would go to Cheng Qiqi and 30% would be kept by Mr. Zhu, while in case of losses, both would bear 50%. During the trading process, Mr. Zhu only followed the trades, with all account ownership remaining with him.

Such a high profit-sharing arrangement, seemingly backed by a trustworthy contract, did not yield a trustworthy outcome. After initially making a small profit, the victim increased his stakes, and under Cheng Qiqi's assurance of "full compensation for liquidation," he borrowed $600,000 and used 100x leverage to short ETH. Ultimately, due to the rise in ETH's price, the victim lost everything.

This situation is clearly difficult to file a case for, as all actions were taken by the individual, with no fraudulent or coercive behavior involved. In the end, the police and reporters could only helplessly emphasize that according to our country's laws and regulations, virtual currency transactions are not protected, carry high risks, and users should remain vigilant.

In the end, Mr. Zhu wore a heartbroken and innocent expression, playing out a comical ending.

Regardless, this serves as a reminder to all participants in trading that in any financial field, even in the crypto space, which sacrifices some security for high profits and freedom, safety is far more important than efficiency or profit. This may also be one reason why the so-called decentralized crypto world cannot escape centralization.

After all, human nature is such. Everyone hopes for a safety net, and even if they earn a lot of money, they are reluctant to make others rich.