April continues to witness a surge in user data from major crypto companies, including Ledger, Gemini and Robinhood, sold on Dark Web.
Leaked information includes your full name, address, city, state, zip code, phone number, email address, country, etc. This violation has sparked serious concerns about cybersecurity in the crypto sector. This is already tackling the rise in online threats.
How do user details end on a dark web?
The Dark Web Informer account on X (formerly Twitter) recently shared a nasty update. The account claims to sell data from well-known cryptographic platforms, including Ledger, Gemini and Robinhood.
Dark Web Informer posted a screenshot showing sellers have access to detailed user information, from their phone number to their home address. Most affected users are based in the US, consistent with the major user bases of Gemini and Robinhood.
Threat actors who sell data for Ledger, Gemini and Robinhood users. Source: X/Dark Web Informer
So far, none of the platforms mentioned have issued an official statement regarding reported omissions.
This is not the first time such an incident has occurred. In 2021, Robin Hood suffered a violation in which hackers stole over five million email addresses and two million customer names. The attack harnessed customer support employees through social engineering.
A more recent report from Beincrypto reveals that similar data breaches have also affected over 100,000 users. The compromised data includes similar personal information that belongs primarily to US-based users. A small portion includes users from Singapore and the UK.
Experts at Dark Web Informer believe that these leaks are likely not due to system violations within the exchange. Instead, they point to phishing attacks as a presumed cause. Phishing scams trick individuals into sharing sensitive data by impersonating trustworthy entities and suggesting that the exchange itself is not directly compromised.
However, the size of the leak, which impacts hundreds of thousands, emphasizes that many users are still prey to such tactics. Increased use of AI can exacerbate the problem. AI-driven fraud, deep-fark fraud, synthetic fraud, and automated phishing attacks are becoming more sophisticated and difficult to detect.
“Beware. Your data may already be public,” warned Dark Web Informer.
Meanwhile, Beincrypto’s investigation pointed out that there is an increase in user complaints about X regarding phishing messages. Many users reported that scam messages disguised as coming from the official sender ID of Binance used for authentication alerts deceived them. Somehow, the attacker was able to obtain the user’s phone number.
In response, Binance’s chief security officer told Beincrypto that the company has expanded its anti-phishing code capabilities. This update includes SMS verification to combat the issue.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
