What to Do If Your Binance Account Gets Hacked
Discovering that your Binance account has been hacked is one of the most terrifying experiences any crypto holder can face. However, if it does happen, responding quickly and correctly is absolutely critical to minimizing your losses. You can use the security features on the Binance official website to freeze your account immediately, or take swift action through the Binance official app. If you are an Apple user and need to reinstall the app, please refer to the iOS installation guide.
Common Signs That Your Account Has Been Compromised
Before diving into the recovery process, it is important to recognize the warning signs that indicate your account may have been hacked:
- You receive login notification emails or SMS messages for logins you did not initiate
- You receive withdrawal confirmation emails for transactions you never requested
- You log in and find that your account balance does not match what you expected
- Your security settings have been altered — for example, your Google Authenticator has been swapped out or your withdrawal addresses have been changed
- You suddenly cannot log in and the system tells you your password is incorrect
- You receive notifications about API keys being created, even though you never did so
If you notice any of these signs, you need to take immediate action without hesitation.
Step One: Freeze Your Account Immediately
This is the most urgent action you can take. Binance provides a one-click account freeze feature that suspends all trading and withdrawal activities once activated.
Freeze via Email
If you received a suspicious activity notification email from Binance — such as an alert about a login from an unfamiliar location — there is usually a "Disable Account" link at the bottom of the email. Clicking this link will instantly freeze your account and block any further unauthorized actions.
Freeze via the App
If you can still log into the Binance app, navigate to your security settings and look for the "Disable Account" option. Tap on it and confirm to freeze your account right away.
Freeze via Customer Support
If neither of the above methods works for you, you can reach out to Binance's online customer support through the official website and request an emergency account freeze. Once you explain your situation, the support team will help you process the freeze as quickly as possible.
Important reminder: Freezing your account is not permanent. You can unfreeze it later by completing identity verification. However, while the account is frozen, you yourself will also be unable to perform any operations. This is by design — it prevents the attacker from continuing to move your funds.
Step Two: Assess the Damage
Once your account is frozen, take a deep breath and calmly assess the extent of the damage:
- Log into your account and review your recent trading history and withdrawal records
- Compare the current balances against what you remember having in your account
- Look for any suspicious trade orders, such as futures trades you never placed
- Check the API management page for any unauthorized API keys that may have been created
Take screenshots of every suspicious activity you find. These records will be essential when you submit a support ticket or file a police report later on.
Step Three: Change Your Passwords and Security Settings
Change Your Binance Password
Use the "Forgot Password" feature with your registered email address to reset your Binance login password. Make sure the new password is strong and complex, with no connection to any of your previous passwords whatsoever.
Change Your Email Password
In many cases, account breaches happen because the hacker first compromised your email account. They use your email to intercept verification codes and manipulate your Binance account. Therefore, it is absolutely essential that you also change the password for the email address linked to your Binance account and enable two-factor authentication on your email as well.
Reset Google Authenticator
If the hacker managed to replace your Google Authenticator, you will need to go through Binance's identity verification process to rebind it. This procedure typically requires you to provide identification documents, facial recognition, and other verification materials.
Delete All API Keys
Go to the API management page and delete every single API key. Hackers may be using API keys to move your funds in the background without you even noticing.
Step Four: Submit a Support Ticket and Appeal
Submit a support ticket through the Help Center on the Binance website or app, providing a detailed description of your situation:
- When you first noticed the suspicious activity on your account
- What specific unauthorized actions you observed
- How much money you have lost
- Attach screenshots of all suspicious activities
Binance's security team will investigate your case after receiving the ticket. If the funds have not yet been withdrawn from the platform or are still within the Binance ecosystem, there is a possibility of recovery.
Step Five: File a Police Report
If the amount of money lost is significant, you should also file a report with your local law enforcement agency. Prepare the following materials:
- Your Binance account information
- Screenshots of suspicious transaction records
- A detailed breakdown of the losses
- Your personal identification documents
While recovering funds from cross-border cybercrime is notoriously difficult, having an official police report on record can serve as important documentation for any future legal proceedings or claims.
How to Prevent Your Account from Being Hacked
After going through such an experience, you will undoubtedly take security far more seriously. The following measures can significantly reduce the risk of your account being compromised in the future:
Enable All Available Security Verifications
Turn on Google Authenticator, phone number verification, and email verification — all three. With triple verification in place, an attacker would need to simultaneously obtain your password, your phone, and your authenticator to perform any actions, making a successful breach exponentially more difficult.
Set Up an Anti-Phishing Code
After setting up an anti-phishing code, you can easily distinguish genuine Binance emails from fake ones, preventing you from accidentally entering your credentials on phishing websites.
Enable the Withdrawal Whitelist
In your security settings, enable the withdrawal whitelist feature. This restricts withdrawals to only the addresses you have pre-approved. Even if a hacker gains access to your account, they can only send funds to your whitelisted addresses and cannot withdraw to their own wallets. Additionally, newly added whitelist addresses require a 24-hour waiting period before they become active, giving you ample time to react.
Regularly Review Your Login Devices
Check the "Device Management" section in your security settings and periodically remove any devices you do not recognize. If you discover that an unfamiliar device has logged into your account, change your password immediately.
Avoid Using Public Wi-Fi for Transactions
Public Wi-Fi networks are easily intercepted by malicious actors. Never log into Binance or perform any financial transactions while connected to Wi-Fi at coffee shops, airports, or other public locations.
Security Reminder
Account security is an ongoing effort, not something you set up once and forget about. It is recommended that you regularly log into the Binance official website to review your security settings and ensure all protective measures are properly enabled. When using the Binance official app, always download it from official channels only and never trust anyone who privately messages you claiming to be "customer support." Protecting your funds starts with building good security habits in your daily routine.
Conclusion
The most critical action after discovering your account has been hacked is to freeze it immediately to prevent further losses. From there, proceed step by step: change your passwords, reset your security settings, submit a support ticket, and file a police report if necessary. But the best strategy is always prevention — set up all available security measures thoroughly so that hackers simply have no way in.