Written By: Colin Wu
Everything about your Binance Android APP is real, you can log in and trade normally, and only one thing is fake: the USDT deposit address. When you want to deposit some USDT to Binance, the money has already been transferred to the hacker's wallet.
This is not impossible. Similar incidents have occurred in recent times. For security, users please quickly check all your assets related to the Binance Android APP, it is best to go to the official website to download.
"Xiaohu" described the whole thing on October 27:
On October 24, 2022, I prepared to transfer 5 ETH from MetaMask to Binance APP for OTC. I opened Binance APP (mobile phone is Huawei Honor), pulled out the QR code (ERC20) of the receipt address, scanned the code with MetaMask Wallet (chrome plug-in for computer version), checked the address, and transferred the money. A few minutes later, I checked the Binance APP and found that it hadn't arrived. I thought it might be because of network congestion. After several hours, it still hadn't arrived. So I contacted the customer service and the customer service asked me to submit the hash of the deposit tx. I did, but the customer service told me that my deposit address did not belong to any user of Binance.
Another user kongkong Description:
My friend withdrew USDT from OKx to Binance, the first tx arrived, the second tx more than 5,000 USDT, waited for more than half an hour but did not arrive. Finally, I contacted Binance App customer service and said that the trc20 address of the recipient was not the address of the Binance user, so I couldn't get the money back.
According to the on-chain data statistics, one of the hacker addresses of the fake Binance APP, TN9L...NUz9, has received more than 500,000 USDT in recent month, and the number of income transactions is nearly 400.
https://tronscan.org/#/address/TN9LTR5Yn63ha8undsJgQEKmnx9w9uNUz9/transfers
Binance official replied:
It is recommended to visit the official website using Google Traceless mode.
When deposit assets, compare whether the deposit address displayed on the app is the same as the deposit address displayed on the web page of the computer.
During asset withdrawal, confirm whether the address entered in the withdrawal is the same as the address notified by email.
After confirming the correct address, you can make a small withdrawal first.
Security sources point out that the core reason is that malicious code is precisely implanted in Binance APP. Binance should make a wide range of users go to the official website to re-download the latest APP, especially Android users. Similar problems are likely to occur with users downloading apps from other exchanges.
The SlowMist security team explained to WuBlockchain: APP after repackaging, and then put the Binance APP on the relevant download site, once the user installed the fake Binance APP, the fake APP in the user login and other functions have not changed, the malicious code function is located in the user deposit, when the user deposit, trigger the malicious code rules, replace the user deposit address as a malicious address. The SlowMist security team said, do not use search engines to find Android APP, for example, in Baidu search "Binance APP download", basically all fake links, must be in the official website to download APP. the common feature of the above two users is to search - download APP, using Android phones.
Follow us
Twitter: https://twitter.com/WuBlockchain
Telegram: https://t.me/wublockchainenglish
Just remember this IPHONE 12 Pro max