Tutorials News Features FAQ Download Register Free
ZH EN ES FR JA KO
Security

What to Do First If Your Binance Account Is Hacked

2026-03-27 · 11 min read

Discovering your Binance account has been compromised is naturally alarming, but panicking leads to mistakes. Follow the correct steps calmly and in many cases your assets can still be saved. This guide lists what to do in order of urgency. Log in to Binance through official channels to check your account right now, or use the mobile app for faster action.

Most Urgent: Freeze Your Account

If you are certain your account has been compromised (e.g., received an unfamiliar login notification, discovered trades you did not make), the first step is not changing your password -- it is freezing the account immediately.

Freezing methods:

  • In-app: Profile > Security > Disable Account
  • On web: Security Settings > Disable Account
  • Via email: In recent Binance security alert emails, there is usually a "Disable Account" link at the bottom

After freezing, all trading, withdrawals, and login operations are suspended. While you cannot use the account either, at least the attacker is also locked out.

Step Two: Change Your Password

After freezing, change your password. If you can still log in:

  1. Go to Security Settings
  2. Change your login password
  3. Set a new password never used on any other platform
  4. Requirements: at least 8 characters, including uppercase, lowercase, numbers, and special characters

If you can no longer log in (password was changed by the attacker), skip to the "Contact Support" step.

Step Three: Investigate Security Vulnerabilities

After changing your password, check each item:

API keys: Go to API Management and delete any API keys you do not recognize. Attackers often create API keys to control accounts -- even after a password change, API keys remain valid.

Device list: Remove all devices you do not recognize in Device Management.

Bound information: Confirm your email address and phone number are still yours. Contact support if they were changed.

Withdrawal addresses: Check saved withdrawal addresses for any unfamiliar additions and delete them.

Verification methods: Confirm Google Authenticator, SMS verification, and other security settings are normal.

Step Four: Assess Asset Losses

Compare your holdings against what you remember:

  • Is the spot account balance normal?
  • Are there abnormal positions in the futures account?
  • Are there abnormal changes in the funding account?
  • Check withdrawal records for any withdrawals you did not initiate

Document all abnormal transactions and withdrawals with screenshots -- these are needed when contacting support and filing reports.

Step Five: Contact Support

Reach Binance official support through these channels:

  • In-app live chat (fastest)
  • Website support chat in the lower right corner
  • Email to Binance official support

Have this information ready:

  • Account registered email/phone
  • Identity documents
  • Screenshots of abnormal activity
  • Approximate asset loss amount

Support will assist with further investigation. Critical cases are escalated to the security team.

Post-Incident Security Hardening

After the situation is resolved, comprehensively strengthen your security:

  1. Enable all available 2FA verification methods
  2. Set up an anti-phishing code
  3. Enable withdrawal whitelist
  4. Set a completely new strong password
  5. Check the security of your registered email itself (it may have been compromised too)
  6. Run antivirus scans on your computer and phone

Common Causes of Account Compromise

Understanding how it happened helps prevent recurrence:

  • Phishing websites: Entering your password on a fake Binance page -- accounts for the majority of cases
  • Credential stuffing: A password leaked from another site used to attempt Binance login
  • Malware: A trojan on your computer or phone monitoring your keystrokes
  • SIM card hijacking: Your phone number ported by an attacker to intercept SMS verification codes
  • Phishing emails: Clicking malicious links in fake Binance emails

FAQ

Q: Can stolen assets be recovered? A: If assets were already withdrawn to an on-chain address, recovery is very difficult. However, still contact support and file a police report. If assets remain within Binance (transferred to another Binance account), recovery chances are better.

Q: How do I unfreeze after freezing? A: Contact support and pass identity verification to unfreeze. After unfreezing, there is a security cooling period during which withdrawals are restricted.

Q: Should I file a police report? A: Recommended, especially for significant losses. Preserve all evidence screenshots including abnormal transaction and withdrawal records.

Q: How do I tell if it was hacked vs. my own mistake? A: Check login records for IP addresses and device info. If you see devices you have never used or IPs from locations you have never visited, it is almost certainly a compromise.

Security Reminder

After being hacked, do not publicly seek help on social media saying "my Binance account was hacked." This attracts scammers impersonating customer service who will privately message you for a secondary scam. All requests for help should go through Binance's official in-app support channel. Do not trust anyone who contacts you proactively.

Related

How to Handle Binance 2FA After Switching Phones 2026-03-27