Hackers on darknet forums are allegedly selling the personal data of users from major crypto exchanges Binance and Gemini. According to Dark Web Informer, a user under the alias “AKM69” posted an ad offering a database of 100,000 records reportedly tied to Gemini.
The dataset includes full names, mailing addresses, phone numbers, and geolocation data — primarily from U.S. citizens, as well as users from Singapore and the United Kingdom.
It is believed that this data could be exploited for marketing crypto-related products or used in phishing schemes and other types of fraud.
Binance Leak Details
Shortly before that, on March 26, another darknet user going by the alias “kiki88888” offered a separate database for sale, allegedly linked to Binance. This dataset contains more than 132,000 records, including email addresses and passwords.
The source of the breach remains unconfirmed. According to Dark Web Informer, the hack likely occurred on the user side rather than through a breach of Binance itself. The leak may have resulted from compromised devices or malicious links.
Back in September 2024, a hacker named “FireBear” claimed to possess 12 million Binance user records, including personal data such as birthdates and addresses. Binance denied the claim following an internal investigation.
Surge in Attacks Targeting the Crypto Community
March 2025 has seen a wave of cyberattacks targeting cryptocurrency users:
- On March 21, the Australian Federal Police alerted 130 individuals about phishing messages that impersonated crypto exchanges — including Binance — using spoofed sender names.
- On March 14, users on X (formerly Twitter) reported phishing attempts impersonating Coinbase and Gemini. Attackers sent messages urging recipients to create a wallet using a pre-generated recovery phrase, which was already known to the scammers.
- In early March, Microsoft stated the discovery of a new threat targeting crypto users — StilachiRAT malware, capable of remotely controlling infected devices. This malicious software specifically targets browser-based crypto wallet extensions in Google Chrome and is designed to steal confidential information.
Microsoft security experts advise users to:
- Use antivirus solutions.
- Enable cloud-based phishing protection tools.
- Implement advanced anti-malware systems.
These events underscore the increasing risk faced by crypto holders, particularly as attackers continue to develop sophisticated methods aimed at harvesting personal and financial data from the digital asset community.
This post is for informational purposes only and is not an ad or investment advice. Please do your own research making any decisions.