A non-professional Brazilian cryptocurrency investor lost BRL 100,000 on Binance after a possible fraud in the exchange’s API, which processed 250 withdrawals in just 10 minutes. in conversation with the livecoins, he narrated that he works with information security and was surprised to be the target of a problem that he does not understand how it was perpetuated. A Bitcoin investor since 2017, he didn’t start trading on Binance, but on another exchange he claims he never had problems with. However, after a friend introduced him to Binance, which has more coin options, he gradually shifted all his value there. After opening his account, doing research, he says he had all the security requirements enabled on his account and until then trusted the broker, which he checked almost daily. He thinks it’s good to trade the market, after following the rise of Bitcoin in recent years, but now he’s sad about a broker.
“I woke up and saw that my Binance account was at zero: 250 withdrawals in just 10 minutes”
In early January 2022, the Brazilian was sleeping when his nightmare began. Upon waking up, the Bitcoin investor realized that he had received several emails, a situation that caused him strangeness, but when he checked, the scare was even greater. This is because each message received was equivalent to a different withdrawal from his Binance account, a fact that led him to run to his account to see if what was happening was true. Upon joining the platform, his entire balance had been drained and the investor then turned to support to seek explanations about what had happened. Without ever enabling an API on his account, he said that he found out from the Binance chat that someone had set up this tool, via an IP from the United States. As he works at a US security company, he remembered that he cannot operate on Binance when he enables his VPN to have an IP from that country, which has already caused him strangeness about the possible fraud on his account. He also detected that 250 withdrawals were made to his Binance account in just 10 minutes, from an IP in Europe. After investigation, the investor says that he discovered that whoever configured the API was also responsible for the withdrawals, even though the Brazilian was in the city of Campinas (SP).
No resolution, case goes to court
As a cybersecurity consultant, he has security solutions and has never had any problems, he believes that a fraud is the only possibility. In addition to chatting and the brokerage indicating that it would not help him, the investor also filed a complaint through Reclame Aqui on January 26, when it all happened, still without a response. “I immediately contacted Binance and after verification by support I was informed that withdrawals had been made through a third-party application (API), and that this was a security error on my part. I’m not a developer and I didn’t apply for API usage, but according to Binance I created an API key to use. Anyway my account was hacked, no matter how many security mechanisms there are, 2, 3, keys, codes, the account was hacked and the money stolen. This is a serious security issue, and according to Binance there is no way to reverse it due to the blockchain.” Faced with Binance’s refusal to resolve the issue amicably, the investor hired cryptocurrency specialist law firm RSouza Advocacia to bring the case to justice. O livecoins reached out to Binance for comment on the case, but received no response at the time of writing. Anyway, the case reminds you that it is important not to leave a balance at a brokerage, unless it is necessary for trades.