The promotional plugin steals cookies from users, which hackers use to bypass password and two-factor authentication verification and log into the victim’s Binance account.
Source: https://cointelegraph.com/news/hackers-steal-millions-chrome-plugin-binance-scam
