Account Security

What to Do If Your Binance Account Gets Hacked

2026-03-01 · 11 min read
👉 Don't have a Binance account yet? Register Now | Download APP

Discovering that your Binance account has been compromised is an emergency — you need to act immediately to minimize losses. Every second counts, so follow the steps below as quickly as possible. If you haven't registered yet, Register on Binance and set up security right away. Download Binance APP and enable all security features.

How to Tell If Your Account Has Been Compromised

Before taking action, confirm whether your account has actually been breached. Common signs include:

  • Receiving unexpected login notification emails showing access from unfamiliar locations
  • Noticing unusual balance decreases or unauthorized withdrawal records
  • Security settings have been changed, such as 2FA being disabled or swapped
  • Receiving password reset emails you didn't initiate
  • Finding unfamiliar API keys in your account
  • Your linked email or phone number has been changed

If any of the above applies, follow the steps below immediately.

Emergency Response Steps

Step 1: Freeze Your Account Immediately

If you can still log in, go to Security Settings and click the "Disable Account" button. This will instantly freeze all account functions, including trading and withdrawals, preventing the hacker from doing further damage. If you can't log in, contact Binance support to request an emergency freeze. You can also email [email protected] from your registered email for an urgent freeze request.

Step 2: Change Your Password

If you still have access to your registered email, reset your password immediately via the "Forgot Password" feature. Choose a brand-new, strong password that you haven't used on any other website. Also change your email password to prevent the hacker from re-entering through your email. If your email has been compromised too, secure your email account first.

Step 3: Contact Binance Support

Reach out to Binance through:

  • Live chat on the website (fastest — use this first)
  • Submit a ticket under the "Account Security" category
  • Official social media channels (Twitter: @binaborsen)

Describe the situation and provide your registered email and UID. Have your ID ready — support may ask you to verify your identity.

Step 4: Assess the Damage

Once you regain access, carefully check:

  • Whether any asset balances have changed — review each token individually
  • Whether there are unauthorized withdrawals in the history — note any suspicious destination addresses
  • Whether new API keys were created — look for unfamiliar API keys
  • Whether security settings were modified, including 2FA, withdrawal whitelist, linked email, and phone number
  • Whether there are unusual trade records — hackers sometimes transfer assets through deliberate high-buy/low-sell trades
  • Whether any unknown sub-accounts were created

Step 5: Preserve Evidence

Save screenshots of all suspicious activity, including:

  • Unknown login records (time, IP address, device info)
  • Unauthorized withdrawal records
  • Modified security settings
  • Any suspicious trade history

This evidence is essential for subsequent investigations and potential legal action.

Security Measures After Recovery

  1. Reset all security verifications (password, Google Authenticator, phone number) — don't reuse any previous credentials
  2. Delete all API keys; if you need API trading, recreate them with strict IP whitelisting
  3. Review and remove unrecognized devices in device management
  4. Enable the withdrawal whitelist to only allow withdrawals to addresses you've confirmed are safe
  5. Set up an anti-phishing code to identify legitimate Binance emails
  6. Check your registered email's security and enable two-factor authentication for it
  7. Scan your phone for suspicious apps — consider a factory reset if necessary

Common Causes of Account Compromise

  • Entering credentials on a phishing site — phishing domains are typically very similar to the real site
  • Using the same password as another breached website — one of the most common causes
  • Phone infected with malware that logs keystrokes
  • Google Authenticator backup key leaked or stored insecurely
  • Logging in on a public device without logging out
  • Clicking links in phishing emails and entering information
  • Downloading a fake Binance app disguised as the real one

Can Stolen Funds Be Recovered?

Binance will assist with the investigation. If the stolen assets are still within the Binance platform (e.g., transferred to another Binance user), there's a chance they can be frozen and recovered. However, if the crypto has been withdrawn to an external address, recovery becomes extremely difficult since blockchain transactions are irreversible. Binance has a dedicated security team that handles these cases and will do their best to help, but results cannot be guaranteed.

For significant losses, consider filing a police report with your local authorities and providing the evidence you've saved. While recovering crypto across borders is challenging, having a police report on file is helpful for any future legal proceedings.

Prevention is always better than cure. Make sure to use a strong password, enable multi-factor authentication, and set up a withdrawal whitelist — these simple steps can dramatically increase your account's security.

Related Articles

How to Complete Binance KYC Identity Verification? 2026-03-01 What Documents Do You Need for Binance KYC Verification? 2026-03-02 How to Delete Your Binance Account 2026-03-02 What to Do If Binance KYC Verification Fails? 2026-03-03 How Long Does Binance KYC Verification Take? 2026-03-04 Can a Chinese ID Card Pass Binance KYC? 2026-03-05

Start Using Binance Today

Register through our referral link and enjoy a lifetime trading fee discount

Register Now Download APP