Signs That Your Account May Be Compromised
You receive an email from Binance saying "Your account was logged in on a new device" — but you didn't log in anywhere. Or you open the app and notice trades you never placed. Or you try to sign in and find your password has been changed. These are all signals that your account security may have been breached. On Binance, your account security is directly tied to your entire portfolio, so immediate action is critical.
Time is everything. Once an attacker gains control of your account, they typically try to move assets out as quickly as possible. The faster you respond, the less likely your funds will be lost.
Step 1: Freeze Your Account Immediately
This is the most important and urgent step. Binance offers several ways to quickly freeze your account.
If you can still log in, open the Binance app or web version, go to "Security Settings," find the "Disable Account" button, and confirm. Once disabled, all trading, withdrawals, and fund operations stop immediately.
If you've been locked out and can't access your account, there's an emergency fallback: check your registered email for recent login notifications or security alerts from Binance. At the bottom of these emails, you'll typically find a "Disable Account" or "Freeze Account" link. Clicking it freezes your account instantly without needing to log in.
If neither option works, contact Binance support directly, explain that your account has been compromised, and request an emergency freeze.
Step 2: Identify and Fix the Security Breach
With your account frozen, your funds are temporarily safe. But before reactivating your account, you need to figure out where the vulnerability was — otherwise you might get hacked again after recovery.
First, check whether your registered email has also been compromised. Log into your email and look for suspicious login activity or unfamiliar forwarding rules. If your email was also breached, prioritize recovering it first — change the password and enable two-factor authentication on your email account.
Next, think back to whether you recently clicked a suspicious link, entered your Binance credentials on an unofficial website, or downloaded software from an untrusted source. Any of these could be how your account information was leaked.
Scan your computer and phone for malware. Run an antivirus scan or at the very least clear all browser cache and cookies.
Step 3: Contact Support to Restore Your Account
Once you've addressed the security issues, you can reach out to Binance support to request account restoration.
Submit a restoration request through Binance's official website via live chat or email. You'll need the following: the email or phone number used during registration, photos of the ID document submitted during KYC verification, a selfie holding your ID (with the information page facing the camera), and any other evidence proving account ownership (such as recent deposit records or commonly used login devices).
After support verifies your identity, they'll help you reset your password and security verification methods. Your account remains frozen during the review period, so your funds stay completely safe.
Step 4: Strengthen Security After Recovery
Once your account is restored, don't rush into trading — reconfigure all your security settings first.
Set a new strong password with at least 12 characters, including uppercase and lowercase letters, numbers, and special characters. Don't reuse this password on any other account.
Re-bind Google Authenticator and securely store the 16-digit backup key. Enable Binance's anti-phishing code feature by setting a unique phrase that only you know — every official Binance email will then display this phrase, helping you identify phishing attempts.
Check the "Device Management" page and remove any login devices you don't recognize. Review your "Withdrawal Address Management" and delete any addresses you didn't add. If possible, enable the withdrawal whitelist feature so that funds can only be sent to your own designated addresses.
How to Prevent Future Account Breaches
After experiencing a security incident, it's even more important to maintain good security habits.
Never click links from someone claiming to be "Binance support" via direct messages — real Binance support will never contact you through Telegram, WeChat, or QQ. Don't click "Binance official site" links in search engine ad positions, as scammers sometimes purchase ads to promote phishing sites. Manually typing the official URL in your browser is the safest approach.
Change your password regularly — at least every three months. Avoid logging into your Binance account on public WiFi. Keep your Binance app updated to the latest version, as new releases typically patch known security vulnerabilities.
FAQ
Q: What happens to my assets while the account is frozen?
All your assets remain completely safe during a freeze. Freezing means all account functions are suspended — including trading, withdrawals, and deposits. No one, including you, can access the funds. Operations resume only after support verifies and restores your account.
Q: What if assets were transferred out before I froze the account?
If you discover unauthorized withdrawals, make sure to specify this when contacting Binance support. Provide detailed information about the stolen assets — timing, amounts, and destination addresses. Binance's security team will help trace the on-chain fund flow. It's also advisable to preserve all evidence and consider filing a report with local law enforcement.
Q: How long does it take to restore a frozen account?
If you provide complete identity verification materials, the review typically takes 1 to 3 business days. In more complex situations, such as large unauthorized fund movements, the review may take up to about 7 business days.
Q: How many times can an account be frozen?
There's no limit. You can freeze your account every time you detect a security threat, and freeze it again after recovery if you notice another anomaly. However, if you find yourself freezing and unfreezing frequently, it's worth thoroughly investigating the root cause — your device may have malware, or your credentials may have been leaked to dark web databases.
Android APK direct install, iOS requires overseas Apple ID