Discovering your Binance account has been compromised is terrifying, but staying calm is essential. The right response can minimize losses or even fully recover stolen assets. If you can still log in, immediately go to the Binance official website or the official Binance app to take emergency measures. iPhone users see the iOS installation guide.

Signs Your Account Is Compromised

These indicators suggest your account may have been breached:

  • Unexpected login notification emails or SMS
  • Withdrawal confirmation emails you did not initiate
  • Sudden decrease in assets after logging in
  • Password changed — cannot log in
  • Google Authenticator unbound or reset
  • Login notifications from unfamiliar devices
  • Trade orders you did not place

Emergency Response Steps (Priority Order)

If you can still log in:

Step 1: Freeze your account immediately — The most urgent action. In the app: Profile > Security > Disable Account. This instantly freezes all trading and withdrawal functions. On the web: Security Settings > Disable Account. You can also request emergency freeze via email.

Step 2: Change password — Create a completely new, complex password with no connection to the previous one.

Step 3: Reset Google Authenticator — If you suspect it was compromised, rebind with a new setup.

Step 4: Audit security settings — Check "Device Management" and remove all unrecognized devices. Check for unknown API keys and delete them. Verify withdrawal whitelist has not been modified. Confirm email and phone have not been changed.

Step 5: Review transaction history — Check for unauthorized trades and withdrawals. If any exist, record the details (amount, address, time) for the appeal process.

If you cannot log in:

Step 1: Try password reset — Use "Forgot Password" on the login page. If the email was also changed, proceed to Step 2.

Step 2: Contact Binance support — Via the website's live chat, email, or official social media accounts. Provide your identity information, registration email, and UID to request emergency account freezing.

Recovery Process

Submit a security ticket in Binance's Help Center with: your UID or registration email, ID document photos, registration date, recent transactions, and any evidence of the breach. Detailed description of what happened.

Cooperate with the investigation — Binance's security team will investigate. If stolen funds have not left the platform, they may be frozen and recovered. Funds transferred to external addresses are harder to recover, but Binance cooperates with law enforcement.

Consider filing a police report — For significant losses, report to local authorities with all available evidence including transaction records, timestamps, and wallet addresses.

Prevention Is Better Than Recovery

  1. Enable all security verification: Password + Google Authenticator + SMS + Email
  2. Use a strong password: At least 16 characters with mixed types, unique to Binance
  3. Enable withdrawal whitelist: Restrict withdrawal addresses
  4. Set anti-phishing code: Identify phishing emails
  5. Avoid unsafe devices: No public computers or rooted phones
  6. Never click unknown links: Especially ones claiming to be from Binance
  7. Never share verification codes: Real Binance support never asks for passwords or codes
  8. Regular security audits: Check login devices and settings weekly

Security is never trivial, especially when significant assets are involved. Investing time in prevention is far better than the pain of dealing with a breach after the fact.