A user lost $1 million due to a malicious plugin Aggr causing web cookies to be hijacked by hackers

Odaily News X user @CryptoNakamao posted that his browser cookies were hijacked due to the malicious Chrome plug-in Aggr. Hackers manipulated his Binance account in this way, purchased corresponding tokens in the liquid USDT trading pair, and placed limit sell orders that exceeded the market price in the liquidity-scarce trading pairs such as BTC and USDC. Finally, the hacker used the user's account to open leveraged transactions, bought in excess of large amounts, and completed the counter-trading, which ultimately caused a loss of $1 million. Earlier in late May, SlowMist founder Yu Xian posted on the X platform that users need to pay attention to the browser extension AggrTrade, which will steal the user's exchange cookies and other permission information, which has caused significant user losses. Installed users should delete it as soon as possible, and modify the account passwords and 2FA of each platform, reset the transaction API, etc. Be cautious when installing and using extensions.