Skip to content
- Hackers are auctioning stolen Gemini and Binance user data on Darkweb forums, sparking user concern.
- Stolen data includes emails, passwords, and locations, used in scams, identity theft, and crypto fraud.
- Cyberattacks on crypto users are rising as stolen data fuels phishing scams and fake wallet recovery schemes.
The data stolen from Gemini and Binance exchange are being sold by hackers online through the Darkweb. This is in full names, phone numbers, emails, passwords, and the user’s location details as found in the leaked records. The listings have been posted on popular cybercrime platforms. As earlier stated, the attackers will sell the data to the highest bidder. These listings have elicited a lot of concerns to the users of the two popular cryptocurrency trading platforms.
Gemini Breach Details
The hacker behind the Gemini breach has identified himself as “AKM69”. The threat actor claims they managed to steal user information of over one hundred thousand individuals. A vast majority of the victims are people living in the United States of America. Others are from United Kingdom as well as Singapore. The stolen data is being sold to be used in scams, frauds, and identity thefts as well as fraudulent cryptocurrency related activities.
The listing was reported by the Cybercrime tracker Dark Web Informer. At the firm, Gemini, there has not been any respond to these topics by the management of the firm. The data seems to be potential be utilized for email phishing, and hoax and pretend recovery schemes. They encourage users to change their password and turn on two-factor authentication.
Binance Data on Darkweb
The latter exploited a different prospect and only a day before another hacker with ID “kiki88888” posted a leak. This time, it involved Binance and streamed several data into its server. Therefore, the hacker linked 132,744 email and password. Whether it was an inside job or the hackers got the data from a third party, it is still uncertain whether Binance was hacked.
According to Dark Web Informer, there was no hacking of the Binance system. Rather, they opine that the users could have clicked on phishing links into the fake sites with the intention of defrauding people. These attacks are successful in most cases because most people do not even know it is happening.
On March 21, the Australian Federal Police sent a letter to 130 users of cryptocurrencies and informed them of a scam. Fraudsters also used fake sending numbers mimicking Binance to target the users. This was done to obtain user credentials through these fake alerts.
Before that, on March 14, another phishing attempt was made aimed at Coinbase and Gemini users. Hackers required the victims to create fresh new wallets by means of the recovery phrases. All these were set and powered by the attackers prior to the eventuates. It was to be noted that once the users entered, the scammers cleared the wallets of the affected users.
These growing threats are rather showing a pattern. Cybercriminals are increasingly venturing into the Darkweb to attack users of crypto more frequently. The experts over the world argue that increased access to personal details is behind this trend.
