Register on Binance Download App
Safety

What to Do If Your Binance Account Is Hacked — Emergency Freeze, Recovery Steps, and Security Hardening

· About 23 min read

Don't Panic When You Discover Your Account Is Compromised

Discovering your Binance account has been hacked is frightening, but panic will only make things worse. Staying calm and acting quickly is the key to minimizing losses.

Typical signs that your account has been compromised:

  • Receiving login notification emails or texts from unfamiliar devices
  • Discovering unauthorized trade records in your account
  • Receiving withdrawal confirmation emails you didn't initiate
  • Being unable to log in with your normal password
  • Security settings (phone number, email, Google Authenticator) have been modified
  • Account balance decreased without explanation

If you notice any of these signs, follow the steps below immediately.

Step 1: Emergency Account Freeze (0 to 5 Minutes)

Option A: Self-Freeze via App or Website

If you can still log into your Binance account:

  1. Log into the Binance official app or website
  2. Go to "Security Settings"
  3. Find "Disable Account" or "Freeze Account" option
  4. Tap to confirm the freeze

After freezing:

  • All trading functions are suspended
  • All withdrawal operations are cancelled
  • All API keys are invalidated
  • All logged-in devices are force-disconnected

Option B: Freeze via Email Link

If you received a "suspicious activity detected" email from Binance (confirmed genuine by checking the Anti-Phishing Code), the email typically contains a "Disable Account" link. Clicking this link immediately freezes the account.

Option C: Contact Binance Support to Freeze

If you cannot log into your account:

  1. Access the Binance website from another device
  2. Submit an urgent support ticket through the Help Center
  3. Select the "Account compromised / Unauthorized activity" category
  4. Provide as much detail as possible: account email, registered phone number, recent transaction records, etc.
  5. Request immediate account freeze

You can also try reaching out through Binance's live chat support or verified official social media channels (confirmed through Binance Verify).

Why Speed Is Critical

After gaining access to your account, hackers typically attempt to transfer assets as quickly as possible. Every extra minute before you freeze the account gives hackers more time to operate. The following actions can be completed by hackers within minutes:

  • Converting holdings to easily withdrawable currencies (such as USDT or BTC)
  • Initiating withdrawals to external addresses
  • Creating API keys for future access

So the speed of freezing your account is absolutely critical.

Step 2: Assess the Damage (5 to 30 Minutes)

After freezing the account, check the following to assess losses:

Check Withdrawal Records

In "Wallet" > "Transaction History" > "Withdrawal Records," look for any unauthorized withdrawal operations. Record:

  • Currency and amount withdrawn
  • Destination address
  • Time of withdrawal
  • Status (whether completed)

Check Trade Records

Review spot trading and futures trading history for any trades you didn't make. Sometimes hackers use unreasonable trade prices to transfer your assets to their other accounts.

Check Security Settings

Review whether the following settings were modified:

  • Login password
  • Google Authenticator
  • Phone number
  • Email address
  • Withdrawal whitelist
  • API keys

Document All Anomalies

Record all discovered anomalies in detail, including timestamps, operation types, and amounts involved. This information will be needed for subsequent appeals and potential law enforcement reports.

Step 3: Contact Binance Support to Appeal (30+ Minutes)

Submit a Formal Security Incident Report

Contact Binance support through one of these channels:

  1. In-app live chat
  2. Help Center ticket submission on the website
  3. Email to Binance's official support address

Information to Provide

Prepare the following to expedite processing:

  • Your registered email or phone number
  • Account UID (found on your profile page in the app)
  • Identity documents (matching your KYC)
  • Approximate time of the breach
  • How you discovered the compromise
  • Screenshots of unauthorized operations
  • Your IP address and commonly used login devices

Request Asset Recovery

If the hacker's withdrawal is still pending (status "Processing"), Binance may be able to intercept it. If the withdrawal is complete, recovery is more difficult but still worth attempting:

  • Binance may track subsequent activity at the destination address
  • If assets were transferred to another exchange, Binance can cooperate with law enforcement to freeze the recipient's account
  • Providing as many clues as possible aids the tracking effort

Wait for Resolution

Security incident processing times range from a few days to several weeks. During this period, keep your communication channels open and respond promptly to any requests from Binance support for additional information.

Step 4: File a Report With Law Enforcement

Why Filing a Report Matters

Even if you don't expect to recover your assets, filing a report is still important:

  • A police report serves as supporting documentation for your appeal
  • If significant amounts are involved, law enforcement may formally investigate
  • It helps combat cybercrime and protect other potential victims

Materials Needed for the Report

  • Binance account information and transaction records
  • Detailed list of stolen assets
  • Screenshots and timeline of unauthorized operations
  • Your suspected cause of the breach (such as clicking a phishing link, password leak, etc.)
  • Communication records with Binance support

Step 5: Security Hardening — Prevent Future Breaches

After your account is unfrozen and restored, comprehensive security hardening is essential:

Change All Passwords

  1. Change your Binance account password — use a completely new, strong password (16+ characters including uppercase, lowercase, numbers, and special characters)
  2. Change your registration email password
  3. If you used the same password as Binance on any other websites, change all of them

Reset Google Authenticator

If Google Authenticator may have been compromised or modified:

  1. Unbind the current Google Authenticator
  2. Rebind a new Google Authenticator
  3. Save the new backup key securely

Delete All API Keys

Go to the API management page and delete all existing API keys. If you genuinely need API access later, create new keys with strict permission restrictions.

Set Up Withdrawal Whitelist

Enable the withdrawal whitelist feature to only allow withdrawals to addresses you've pre-approved. This way, even if the account is compromised again, hackers cannot withdraw to unfamiliar addresses.

Enable Anti-Phishing Code

If you haven't set up an Anti-Phishing Code before, do it now. If you already have one, change it to a new one.

Review Authorized Third-Party Applications

In the Binance official security settings, check for permissions granted to third-party applications and revoke all unnecessary authorizations.

Device Security Check

Your phone and computer may also have been compromised. Recommendations:

  • Run comprehensive antivirus scans on your phone and computer
  • Update your operating system and all applications to the latest versions
  • Check for suspicious apps or browser extensions
  • Consider resetting your phone to ensure no residual malware

Common Causes of Account Compromise

Understanding how breaches happen helps prevent future incidents:

Cause 1: Password Leaks

Using weak passwords, reusing the same password across multiple websites, or having the same password on a site that was breached by hackers.

Prevention: Use a password manager to generate and store strong passwords. Use a unique password for every website.

Cause 2: Phishing Attacks

Entering your credentials on a fake Binance website.

Prevention: Set up an Anti-Phishing Code, use bookmarks to access Binance, always verify URLs.

Cause 3: Phone Malware

Having a keylogger or screen recording software installed on your phone, capturing passwords and verification codes as you type them.

Prevention: Only install apps from official app stores, don't click suspicious links, periodically check phone security.

Cause 4: SIM Swap Attacks

Scammers trick your carrier into issuing a duplicate SIM card, allowing them to receive your SMS verification codes.

Prevention: Rely primarily on Google Authenticator rather than SMS verification. Contact your carrier to set up SIM swap protection.

Cause 5: Social Engineering

Scammers use chat, phone calls, or other communication to impersonate support staff or friends and trick you into revealing account information.

Prevention: Never share your password or verification codes with anyone. Binance support will never proactively ask for this information.

FAQ

Will Binance compensate for stolen assets?

Generally, Binance does not bear responsibility for asset losses caused by user-side issues (such as password leaks or clicking phishing links). However, Binance will do its best to assist with tracking and freezing stolen assets. If losses result from a security vulnerability on Binance's platform itself, the SAFU insurance fund may provide compensation.

Can I deposit to a frozen account?

No. When an account is frozen, all functions are suspended, including deposits, trading, and withdrawals.

How long does it take to unfreeze an account?

This depends on the security review results. Typically, 1 to 7 business days after you complete identity verification and security is confirmed.

What if the hacker changed my email and phone number?

This situation is more complex, requiring a more rigorous identity verification process through Binance support. Prepare your identity documents and any information that proves you are the original account owner (such as earliest deposit records, registration date, etc.).

Summary

Post-breach response process:

  1. Freeze immediately: Speed is priority number one — the faster, the better
  2. Assess damage: Document all unauthorized operations in detail
  3. Contact support: Submit a security incident report and cooperate with the investigation
  4. File a report: Preserve all evidence and report to law enforcement
  5. Comprehensive hardening: Change passwords, reset authenticator, enable all security features

The best defense is prevention. Regularly checking account security settings, staying vigilant, using strong passwords and two-factor authentication can dramatically improve your account's security.

Download Binance App

Android APK direct install, iOS requires overseas Apple ID

Download App Register on Binance

Related Articles

Google Authenticator Stopped Working After Switching Phones? Here's How to Recover 2FA on Binance
Suspicious Activity on Your Binance Account? Here's the Correct Emergency Response
Can You Restore a Deleted Binance Account? 6 Things to Know Before Closing Your Account
Forgot Your Binance Password? Complete Guide to Resetting and Recovering Your Account
Is Cryptocurrency Trading Illegal? Where Are the Legal Boundaries?
Binance SMS Verification Code Not Received? Complete Troubleshooting and Alternative 2FA Solutions
Contents