What to Do If Your Binance Account Gets Hacked
Freeze Your Account Immediately
Don't panic when you discover your account has been compromised, but act quickly. The first thing to do is immediately freeze your Binance account to stop the attacker from further operations.
If you can still log in, go to "Profile" > "Security Settings," find the "Disable Account" option, and click it. Once disabled, all trading and withdrawal functions on the account will stop immediately. You can also click "Forgot Password" on the login page to trigger the security protection mechanism.
If the password has already been changed and you cannot log in, you can find a "Freeze Account" link at the bottom of the login notification emails Binance sends to your email, allowing you to freeze the account with one click. Every security alert email from Binance contains this emergency link — it's a quick-response mechanism specifically designed for situations like this.
While freezing the account, also check whether your registered email has been compromised. If the email password has also been changed, regain control of your email first; otherwise, the subsequent account recovery process will be much more difficult.
Contact Binance Support to Initiate Account Recovery
After freezing the account, the next step is to contact Binance's official customer support. You can find the live chat entrance at the bottom right corner of the official Binance website, or submit a ticket by emailing the official support address.
When contacting support, you'll need to provide the following information: your registered email or phone number, the identity documents used during registration, screenshots of recent deposits and trades, and any other evidence proving you are the account owner (such as previously bound device information).
Support will verify the information you provide. Once approved, they will help you reset your password and security verification methods so you can regain control of the account. This process typically takes 1 to 3 business days, depending on the complexity of the case.
While waiting for support to process your case, if you discover that funds have been transferred out of your account, compile a detailed timeline and relevant evidence of the theft. Binance has a dedicated security team responsible for tracking on-chain fund flows. While recovery isn't guaranteed, cooperating with the investigation can improve the chances of recovering your assets.
Security Hardening After Account Recovery
After recovering your account, don't rush into trading — first review and strengthen all your security settings.
Change to a strong password you've never used before. The password should be at least 12 characters long, combining uppercase and lowercase letters, numbers, and special symbols. Do not reuse a password from another website, as the breach was very likely caused by a credential stuffing attack using a password leaked elsewhere.
Re-bind Google Authenticator and make sure to back up the key. If you hadn't set up Google Authenticator before, make sure to enable it this time. Also check that phone verification and email verification are working properly — it's recommended to enable all three verification methods.
Check the API key management page. The attacker may have created API keys to remotely operate your account. Delete any API keys you don't recognize.
Enable the withdrawal whitelist feature. With a whitelist set up, funds can only be withdrawn to addresses you've pre-approved. Even if someone gains access to your account, they won't be able to transfer funds to unfamiliar addresses.
Finally, set up an anti-phishing code so that every genuine email from Binance will display your unique identifier, helping you effectively distinguish phishing emails from real ones. After experiencing a security breach, making sure every layer of protection is in place is the best way to prevent a similar incident from happening again.