AntBot stealing customers' cryptocurrency on Binance (Rights protection)

⚠️☠️ Dangerous! Serious Warning ☠️⚠️

AntBot APP is a fraudulent software from China, the founding team is located in Hangzhou, China, The development team is located in Shenzhen, China. AntBot's rebate policy is suspected of pyramid schemes.

2023-03-21 01:49:08 (Beijing: UTC+8), on the Binance cryptocurrency exchange, AntBot used the customer’s API Key on the Binance exchange to steal the cryptocurrency in the user’s account (transaction volume records It is a homophonic number for Chinese love).

AntBot is developed by China's micro-business, MLM, fake insurance team, "Xiangbaotuan Alliance", the predecessor of "Xiangbaotuan Alliance" is "Yizongbang", the founder of "Xiangbaotuan Alliance" Long Juan, and founder Wu You Rui is suspected of a major crime.

AntBot has been proven to be a scam. I hope that Google Play will remove this illegal APP as soon as possible, so that more cryptocurrency investors will not suffer property losses due to the AntBot scam.

AntBot 相关信息汇总

AntBot SCAM!!!

https://mirror.xyz/0x07b26d5b094ac62C0975Ad8696D4e63397c5C540/9XeaUXLBseWZWY1tR8o9QcmIsE9_wcx4epTjxkD-FXE

https://mirror.xyz/0x07b26d5b094ac62C0975Ad8696D4e63397c5C540/P7YhxJB9d1M03tYuNt0bhCL2YwLAmYKtX8T2kWhmy_8

On March 21, 2023, AntBot was hacked to steal coins

On March 21, 2023, AntBot was hacked futures contracts to steal cryptocurrency

AntBot victims in China are requested to report through the following websites as soon as possible:

http://cyberpolice.mps.gov.cn/ - website for reporting cyber crimes

https://jubao.nifa.org.cn/ipnifa/index.html - China Internet Finance Reporting Information Platform

AntBot's behavior after this problem:

Disbanded the Telegram group.
Forcibly upgrade the APP to clear the data of the victimized user.
If you don’t solve it yourself, post an announcement to ask the victimized users to contact Binance customer service.
Did not give an explanation, and did not say that the hacker was responsible for the stolen coins.
Deleted the relevant comments on Binance Square.

AntBot's attitude towards the hacker theft event:

No apology,
Do not admit,
No compensation,
Not responsible,
Shirk to Binance and users.

Defending the rights of hackers who stole coins from AntBot+Binance

1 - Event overview

At around 1:00 am on March 21, 2023, a hacker theft occurred on the Binance cryptocurrency exchange, which was related to the cryptocurrency trading robot AntBot.

The facts about AntBot that the victim has established are: AntBot is a cryptocurrency trading robot product of a company based in Shenzhen, Guangdong, China. AntBot was established in 2020, and there is an AntBot APP on the Google Play app store. And AntBot is a member of Binance Brokers, because only Binance Brokers will be granted Fast API permission by Binance.

The victim’s request is to hold Binance, AntBot and the hackers accountable, and to return or compensate the same type and amount of losses suffered, 8 kinds of cryptocurrency assets (including, BTC: Bitcoin, ETH: Ethereum, BNB: Binance Coin, ADA: Cardano, DOGE: Dogecoin, MATIC: Matic Coin, SHIB: Shiba Inu Coin, DOT: Polkadot Coin, the Chinese translation is for reference only, and the English letter encrypted currency asset code shall prevail) to the victim People's Binance Binance spot account.

2 - The specific company of AntBot is not clear. The victim suspects that it is the following company. Whether it is this company or not needs to be investigated by the police:

Shenzhen Little Red Ant Network Technology Co., Ltd. Cancellation

Unified social credit code: 91440300MA5GAKDP7P

Legal representative: Li Gensheng

Registered address: Room 407-408, 4th Floor, Building 1, 1980 Science and Technology Culture Industrial Park, Yousong Second Industrial Zone, Fukang Community, Longhua Street, Longhua District, Shenzhen

Cancellation Date : December 16, 2020

Shenzhen Little Red Ant Information Technology Co., Ltd. (in operation, opening, on the register) (the enterprise is included in the list of abnormal operations)

Unified social credit code: 91440300MA5GDKFU7E

Registered address: Room 1502, 15th Floor, Building A, Jindingsheng Science and Technology Park, Qinghu Community, Longhua Street, Longhua District, Shenzhen

Legal representative: Ren Junxi

Date of Establishment: September 25, 2020

3- the detailed description of the event:

At around 1:00 am on March 21, 2023, a hacker stole coins on the Binance cryptocurrency exchange. AntBot, a cryptocurrency trading robot, had an information security incident, which caused my Binance interface secret key to be leaked, hackers invaded, and an unauthorized transaction occurred. Stealing coins, which in turn leads to the loss of the user's property.

By invading and controlling the interface key of the victim Wang Tianyou on the Binance Exchange, the hacker sold the BTC, ETH, BNB, ADA, DOGE, MATIC, SHIB, DOT, etc. of the victim Wang Tianyou’s spot account on the Binance Exchange. into USDT, and then transfer the victim Wang Tianyou’s BTC, ETH, BNB, USDT and other currencies in the Binance Exchange spot account to the futures contract account, and then use the perpetual contracts of small market value currencies such as PERP and TRB The right knock is gone. (Prices and transactions of small market capitalization currencies are easily manipulated)

The victim Wang Tianyou lost BTC, ETH, BNB, ADA, DOGE, MATIC, SHIB, DOT and other cryptocurrencies in the account of Binance Exchange, which was worth about 1.5 BTC, which was about 40856.89 USDT at that time, which was about renminbi at that time. 300,000 yuan. Due to the continuous fluctuation of cryptocurrency prices, this data is for reference only. The specific loss needs to be further confirmed by the police inquiring about the relevant data of the Binance exchange.

The victim Wang Tianyou asked the customer service of the Binance Binance exchange. The Binance customer service said that because the customer authorized the exchange interface key (API key and Secret Key) to a third party: the trading robot provider AntBot, so the Binance Binance transaction AntBot will not be responsible for this incident of hacking and stealing coins. AntBot should bear the security responsibility for not properly protecting and not properly using the confidential information of customers.

The victim Wang Tianyou asked the customer service of the trading robot provider AntBot. The customer service of AntBot said that because the customer did not have the universal transfer authority of the interface key, it was the implicit authorization of the Binance Exchange or a security breach that caused the incident. It means that AntBot stores the secret key with the help of blockchain asymmetric encryption technology, even if it is stolen by hackers, it cannot be decrypted. Therefore, they suspect that hackers have invaded AntBot's server, or a man-in-the-middle attack.

The victim Wang Tianyou explained the response of AntBot customer service to Binance customer service. Binance customer service stated that only the contract and spot permissions are enabled, and the universal transfer permission is not enabled. The interface secret key can also be used to transfer from spot to contract. The original nature of the interface key is not an implicit authorization or security hole of Binance. Therefore, Binance Binance Exchange is still not responsible for this incident, and recommends customers to report the incident to the police, or consult the customer service of AntBot, a third-party trading robot provider.

Binance also gave a link to the government law enforcement request submission system:

https://www.binance.com/zh-CN/support/law-enforcement

He also stated that after the police register on this link and submit relevant identification information, Binance Binance Exchange will fully cooperate with the police investigation, including providing relevant transaction data to the police.

But the victim Wang Tianyou, check out the relevant links of the Binance Fast API authorization and the Binance Broker Program:

https://www.binance.com/zh-CN/link

It was found that because AntBot is a Binance broker and has Fast API permissions, Binance is still online when there are security issues in the authorization of Antbot and Fast API due to poor auditing, resulting in the theft of users’ encrypted currency assets, and Binance should bear joint and several liability .

4 - report details

Event time 2023-03-21 01:00:00

Report Type Computer Sabotage Active Intrusion

Illegal website information 1

Illegal website name (application service name) Binance

Illegal website address (URL) https://www.binance.com

Network application service Other

Illegal application account (APP name) Binance

Illegal website information 2

Illegal website name (application service name) AntBot

Illegal website address (URL) http://www.antrade.io

Network application service Other

Illegal application account (APP name) AntBot

101.36.108.79 101.36.117.216 165.154.41.100 165.154.60.7

101.36.127.124 122.10.161.141 165.154.60.119 165.154.44.65

[Important] Binance government law enforcement requests to submit a link to the system, and the police can contact Binance Exchange through the following link to extract exchange data:

https://www.binance.com/zh-CN/support/law-enforcement

In the previous link, the link to the Chinese law enforcement agencies given by Binance Exchange:

https://app.kodex.us/binance-cn/signup

Binance cryptocurrency exchange website address:

https://www.binance.com