BTC 92Master
1 Following
36 Followers
60 Liked
8 Shared
⚠️ Urgent Security Warning: I found the Extension That Changed My Binance Deposit Address!
An extension installed in my browser intercepted and replaced the original Binance deposit address with a scam address and I lost some USDT assest as a result.
🧩 I’ve confirmed that the issue was caused by a malicious browser extension (“Save to Google Drive” v4.0.5): which had suspicious permissions:
"Read and change all your data on websites you visit"
"Modify clipboard data"
"Inject scripts"
When the extension is ON, the USDT (TRC20) deposit address shown on the official Binance website is replaced with this scam address: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9
When the extension is OFF, the correct wallet address is shown: THzdVHx46GjiuE4gstvdUYcQHZEKQEzdoG
You can clearly see this behavior in the attached screenshots below.
💡 This confirms it’s a front-end malware injection attack—not a phishing site, but a browser extension hijacking live data on Binance's official website.
💡 Important Advice to All Binance Users:
✅ Always double-check your deposit address using a different device or the official Binance app.
✅Use Binance desktop software if possible.
✅Remove suspicious browser extensions, even if they seem legitimate
✅Record your original address generation screen and save it.
I hope Binance security team investigates such extension-based attacks and educates users on this growing threat.
Let’s protect each other.
Follow me to get similar security warnings!
$BANANAS31
$TON
$STRK
#CryptoScam #Binance #ScamAwareness #Malwareattack #malwarebtc
An extension installed in my browser intercepted and replaced the original Binance deposit address with a scam address and I lost some USDT assest as a result.
🧩 I’ve confirmed that the issue was caused by a malicious browser extension (“Save to Google Drive” v4.0.5): which had suspicious permissions:
"Read and change all your data on websites you visit"
"Modify clipboard data"
"Inject scripts"
When the extension is ON, the USDT (TRC20) deposit address shown on the official Binance website is replaced with this scam address: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9
When the extension is OFF, the correct wallet address is shown: THzdVHx46GjiuE4gstvdUYcQHZEKQEzdoG
You can clearly see this behavior in the attached screenshots below.
💡 This confirms it’s a front-end malware injection attack—not a phishing site, but a browser extension hijacking live data on Binance's official website.
💡 Important Advice to All Binance Users:
✅ Always double-check your deposit address using a different device or the official Binance app.
✅Use Binance desktop software if possible.
✅Remove suspicious browser extensions, even if they seem legitimate
✅Record your original address generation screen and save it.
I hope Binance security team investigates such extension-based attacks and educates users on this growing threat.
Let’s protect each other.
Follow me to get similar security warnings!
$BANANAS31
$TON
$STRK
#CryptoScam #Binance #ScamAwareness #Malwareattack #malwarebtc
Front-End Malware Attack To my BINANCE Wallet
⚠️ Urgent Security Warning: I found the Extension That Changed My Binance Deposit Address!
I want to urgently warn others about a serious incident I encountered:
🔹 I was using the official Binance website on my browser
🔹 I used the TRC20 USDT deposit option
🔹 An extension installed in my browser intercepted and replaced the original Binance deposit address with a scam address: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9
🛑 This address does not belong to Binance (confirmed by their Security Team), and I lost some USDT assest as a result.
🧩 I’ve confirmed that the issue was caused by a malicious browser extension (“Save to Google Drive” v4.0.5): which had suspicious permissions:
"Read and change all your data on websites you visit"
"Modify clipboard data"
"Inject scripts"
When the extension is ON, the USDT (TRC20) deposit address shown on the official Binance website is replaced with this scam address: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9
When the extension is OFF, the correct wallet address is shown: THzdVHx46GjiuE4gstvdUYcQHZEKQEzdoG
You can clearly see this behavior in the attached screenshots below.
💡 This confirms it’s a front-end injection attack—not a phishing site, but a browser extension hijacking live data on Binance's official website.
💡 Important Advice to All Binance Users:
✅ Always double-check your deposit address using a different device or the official Binance app.
✅Use Binance desktop software if possible.
✅Remove suspicious browser extensions, even if they seem legitimate
✅Record your original address generation screen and save it.
I hope Binance security team investigates such extension-based attacks and educates users on this growing threat.
Let’s protect each other.
#SecurityAlert #CryptoScam #CryptoScamAlert
#USDTScamWarning #WalletHijack
I want to urgently warn others about a serious incident I encountered:
🔹 I was using the official Binance website on my browser
🔹 I used the TRC20 USDT deposit option
🔹 An extension installed in my browser intercepted and replaced the original Binance deposit address with a scam address: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9
🛑 This address does not belong to Binance (confirmed by their Security Team), and I lost some USDT assest as a result.
🧩 I’ve confirmed that the issue was caused by a malicious browser extension (“Save to Google Drive” v4.0.5): which had suspicious permissions:
"Read and change all your data on websites you visit"
"Modify clipboard data"
"Inject scripts"
When the extension is ON, the USDT (TRC20) deposit address shown on the official Binance website is replaced with this scam address: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9
When the extension is OFF, the correct wallet address is shown: THzdVHx46GjiuE4gstvdUYcQHZEKQEzdoG
You can clearly see this behavior in the attached screenshots below.
💡 This confirms it’s a front-end injection attack—not a phishing site, but a browser extension hijacking live data on Binance's official website.
💡 Important Advice to All Binance Users:
✅ Always double-check your deposit address using a different device or the official Binance app.
✅Use Binance desktop software if possible.
✅Remove suspicious browser extensions, even if they seem legitimate
✅Record your original address generation screen and save it.
I hope Binance security team investigates such extension-based attacks and educates users on this growing threat.
Let’s protect each other.
#SecurityAlert #CryptoScam #CryptoScamAlert
#USDTScamWarning #WalletHijack
🚨 SCAM ALERT – Malware Changed Binance Deposit Address
I recently lost some USDT because malware, most probably from browser extension, changed my Binance TRC20 deposit address on the official Binance website.
Always double-check your deposit address from multiple devices (browser + mobile app or desktop app).
Remove ALL unknown browser extensions.
My fake address was: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9 — not even linked to Binance.
Stay safe and share this to save others.
#CryptoScam #Binance #ScamAwareness #Malwareattack #malwarebtc
I recently lost some USDT because malware, most probably from browser extension, changed my Binance TRC20 deposit address on the official Binance website.
Always double-check your deposit address from multiple devices (browser + mobile app or desktop app).
Remove ALL unknown browser extensions.
My fake address was: TCBbpHGoaTAkbkMgBYkg2N26ZHQ7RWVhA9 — not even linked to Binance.
Stay safe and share this to save others.
#CryptoScam #Binance #ScamAwareness #Malwareattack #malwarebtc
Login to explore more contents