Crypto Self-Defense Manual: Learn These Tips to Protect Your Million Dollars
Author: Nan Zhi, Odaily Planet Daily
Yesterday, X user @CryptoNakamao posted that the malicious Chrome plugin Aggr had hijacked his browser cookies and that hackers used them to manipulate his Binance account, resulting in losses of up to $1 million.
In response to this incident, Binance issued a statement saying that the cause of the event was that the user's computer had been hacked. The security customer service took 1 minute and 19 seconds to process the user's freezing request. The platform investigated the wash trading and confirmed the suspect's account, noting that cross-platform freezing requests take time. Binance said that, as of now, it had not noticed any information related to the AGGR plugin prior to this incident, and that compensation for such incidents therefore cannot be provided.
This incident once again serves as a wake-up call for users regarding security. As hackers become increasingly specialized, it is often difficult to recover from security incidents. Therefore, while discussing security prevention may seem like a cliché, it deserves to be treated with the highest priority. Odaily will summarize common attacks and prevention methods in this article.
One-Click Account Freezing
First, in response to this incident, if you discover that you have been hacked but your account funds have not been completely transferred, how can you quickly protect the remaining funds? In addition to transferring funds to other accounts, you can also protect your account by disabling it with one click. Once disabled, you will need to contact customer service to unfreeze it.
Disabling the account needs to be done through the Binance App. First, enter the settings interface; at the bottom of the interface there is an "Account Security" section. Then go to the bottom of that section to "Manage Account," click to disable the account, and confirm. Binance's current official guidance dates from 2018, and the process it describes differs significantly from how the app works in practice today, so users are advised to locate the option and familiarize themselves with it in advance.
Chrome Plugins
Chrome plugins are indispensable for crypto users, so not using plugins is unrealistic. How can users ensure the safe use of Chrome? Users can take the following measures:
- Check browser plugin permissions; disable any plugins that are not frequently used.
- Use multiple browsers to allocate different security levels for different tasks.
- Install Chrome plugins only through links provided by the plugin's official X account, rather than through Google search or X search. Searching through these channels may lead to paid phishing links, resulting in losses. The official account has the obligation to keep the links on its X account correct and should compensate users in the event of an attack.
Checking Installed Plugin Permissions
SlowMist has published an explanation of the principles and security issues of Chrome extensions. SlowMist's Chief Security Officer 23pds pointed out that the key lies in the manifest.json file, which determines the permission scope of the plugin.
How to check the permission scope? Users can enter chrome://extensions, which includes all the plugins installed on the browser. By clicking on details, you can see the permission scope of the plugins. Be cautious with plugins that have the permission "Read and change all your data on all websites."
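The same check can be run directly on an extension's manifest.json. The following is an added example, not code from SlowMist or from the original article; the list of sensitive API permissions and the sample manifests are assumptions constructed for illustration.

```python
import json
from pathlib import Path

# Patterns Chrome summarises as "Read and change all your data on all websites".
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions worth a second look (this selection is an assumption of the example).
SENSITIVE_APIS = {"cookies", "clipboardRead", "webRequest", "debugger", "scripting", "history"}

def audit_manifest(manifest):
    """Summarise the risky parts of one parsed manifest.json."""
    # Manifest V2 mixes hosts and APIs in "permissions"; V3 moves hosts to "host_permissions".
    granted = set()
    for key in ("permissions", "host_permissions"):
        granted.update(p for p in manifest.get(key, []) if isinstance(p, str))
    # Content scripts are injected into every page their "matches" patterns cover.
    injected = set()
    for script in manifest.get("content_scripts", []):
        injected.update(script.get("matches", []))
    apis = sorted(granted & SENSITIVE_APIS)
    broad = sorted(granted & BROAD_HOSTS)
    return {
        "name": manifest.get("name", "?"),  # may be a "__MSG_...__" locale placeholder
        "broad_hosts": broad,
        "injects_everywhere": bool(injected & BROAD_HOSTS),
        "sensitive_apis": apis,
        # The cookies API only returns cookies for hosts the extension has access to.
        "cookies_on_all_sites": "cookies" in apis and bool(broad),
    }

def audit_profile(extensions_dir):
    """Audit every <id>/<version>/manifest.json under a profile's Extensions folder."""
    paths = sorted(Path(extensions_dir).glob("*/*/manifest.json"))
    return [audit_manifest(json.loads(p.read_text(encoding="utf-8-sig"))) for p in paths]

# Constructed sample manifests, not taken from any real extension.
SAMPLES = [
    {"name": "Constructed chart helper", "manifest_version": 3,
     "permissions": ["cookies", "storage"], "host_permissions": ["<all_urls>"]},
    {"name": "Constructed note tool", "manifest_version": 2,
     "permissions": ["storage", "https://notes.example.com/*"],
     "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(audit_manifest(sample))
```

To audit a real browser, pass audit_profile the Extensions folder inside a Chrome profile directory. An extension that reports cookies_on_all_sites should not be installed in the browser used to log into exchanges.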
Using Multiple Browsers
Users can allocate different browsers for tasks with different security level requirements. For example, do not use any plugins on the browser used to log into exchanges, and only use basic tools like secure wallets on browsers that involve on-chain funds.
There are two common methods for using multiple Chrome browsers:
The first method is to use Chrome's official account switching feature to open multiple browsers. In the upper right corner of Chrome, users can choose to add a temporary guest account or a Google account. After adding, click on the new account to open a completely new browser interface. Browsers opened with different accounts run independently, so a plugin in one browser cannot harm another. Compared to the next method, this one has the advantage of cloud synchronization for plugins.
Another common method for batch creation is to create multiple shortcuts based on the computer.
Users can copy one or any number of Chrome shortcuts on their computer, then right-click on the shortcut to enter the properties interface, and at the end of the target address, input
--user-data-dir="target folder address"
to create a completely new independent Chrome browser (note that there is a space at the beginning). This method is quicker than the previous one, but it is important to note that all data is stored locally, so you need to back up critical data such as wallet keys.
Clipboard Permissions
Due to the popularity of Telegram (TG) bots, many users often copy keys directly. In this scenario, it is recommended not to copy the entire key at once; instead, leave out a few letters and type them in manually to avoid clipboard monitoring risks. Additionally, it is crucial to turn off clipboard reading permissions for apps and websites. Web users can open chrome://settings/content/clipboard, disable the reading permission for websites, and enable it only when absolutely necessary, which significantly enhances security.
Fake Account Scams on X Platform
In recent months, accounts impersonating official accounts on the X platform have frequently posted malicious phishing links. These accounts are often gold-badge accounts, with display names identical to the official ones and account handles that differ by only one or two letters, making them hard to spot at first glance.
For such scams, it is recommended that users install the Scam Sniffer plugin, which will scan X platform accounts and alert users to fake official accounts appearing in the comments.
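The "one or two letters" difference described above can be checked mechanically. This is an added example, not Scam Sniffer's implementation and not part of the original article; the official handles, the confusable-character table and the two-edit threshold are constructed assumptions.

```python
# Official handles the user trusts (constructed placeholders, not real accounts).
OFFICIAL = {"exampleswap", "samplechain_io"}
# Characters often swapped for look-alikes in handles (small assumed table).
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "i": "l", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_handle(handle, official=OFFICIAL, max_edits=2):
    """Return ("official" | "lookalike" | "unrelated", matched official handle or None)."""
    h = handle.lstrip("@").lower()  # X handles are case-insensitive
    if h in official:
        return ("official", h)
    skeleton = h.translate(CONFUSABLE)
    for known in sorted(official):
        # Same shape after folding look-alike characters, or within a couple of edits.
        if skeleton == known.translate(CONFUSABLE) or edit_distance(h, known) <= max_edits:
            return ("lookalike", known)
    return ("unrelated", None)

if __name__ == "__main__":
    # Constructed handles as they might appear in a reply thread.
    for seen in ["@ExampleSwap", "@exampIeswap", "@samplechain_i0", "@random_user"]:
        print(seen, classify_handle(seen))
```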
Other Basic Security Awareness
In addition to the above manual checks and security operations, there are many basic awareness-level security elements, including:
- Do not trust any private message links on Telegram (TG) or Discord (DC); only trust links and information published by official accounts.
- Try to keep mnemonic phrases and keys off the internet, especially avoid taking photos of mnemonic phrases with your phone.
- On computers involving large amounts of funds, avoid installing remote control software like ToDesk or Sunflower.
- Set up 2FA for exchange accounts involving large amounts of funds, and log out after use.
Decentralization means that security issues will never disappear, and losses are difficult to recover. Hacker attack methods continue to evolve, and only you can protect yourself. Doing the most basic security precautions is fundamental to "surviving."