Threat actors operating on the dark web are allegedly offering a vast trove of user data—including names, passwords, and geographical details—belonging to users of both Gemini and Binance for sale online.
According to a blog post published on March 27, an individual using the alias AKM69 claims to possess an extensive database containing sensitive information from customers of the cryptocurrency exchange Gemini.
The database reportedly comprises 100,000 entries featuring full names, email addresses, phone numbers, and location information for individuals primarily from the United States, along with a handful of records from Singapore and the UK.
Source: Dark Web Informer
The individual categorizing these listings has branded them as part of a wider scheme to sell consumer data for purposes related to cryptocurrency marketing, fraud, or recovery.
Gemini has not yet responded to requests for comments regarding this matter.
The day before, it was reported that another actor known as kiki88888 was attempting to sell compromised Binance email addresses and passwords, with the data allegedly including 132,744 rows of information.
Source: Dark Web Informer
Binance asserts leaked data originated from phishing, not a breach
In an interview, Binance clarified that the compromised information circulating on the dark web did not stem from a data breach at the exchange. Instead, it was collected by hackers through the exploitation of infected devices via malware.
In a follow-up update, the reporting site hinted that the data theft was due to the compromise of users’ personal devices rather than any leaks from Binance itself, advising that “Some of you really need to stop clicking random stuff.”
Source: Dark Web Informer
Last September, a hacker known as FireBear claimed to possess a database containing 12.8 million records taken from Binance, which included personal details such as surnames, forenames, email addresses, phone numbers, birthdates, and residential addresses, as reported at that time.
Binance refuted these allegations, stating that the claims made by the hacker regarding sensitive user data were unfounded following an internal investigation by their security team.
Related: Binance claims code leak on GitHub is ‘outdated,’ poses minor risk
This is not the first cybersecurity threat affecting users of major cryptocurrency exchanges seen this month. On March 21, Australian federal police alerted 130 individuals about a phishing scam targeting crypto users that imitated legitimate exchanges like Binance by spoofing the “sender ID.”
A similar wave of scam communications was reported by users on X on March 14, where they impersonated Coinbase and Gemini to deceive users into creating new wallets using recovery phrases pre-controlled by the scammers.
Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis