Dark web threat actors are allegedly selling data belonging to more than 100,000 users from major cryptocurrency exchanges Binance and Gemini.
According to cyber intelligence site Dark Web Informer, a dark web user identified as AKM69 offers Gemini user information, including full names, email addresses, phone numbers, and location details.
Stolen data marketed for fraud and targeted attacks
Dark Web Informer reported that the data up for sale is primarily from individuals in the United States, with some entries from Singapore and the United Kingdom. The seller described the database as part of a larger campaign aimed at crypto-related marketing, fraud, and recovery schemes.
The cyber intelligence site also recently warned about another dark web user, kiki88888, who claimed to be selling Binance emails and passwords. This compromised data allegedly contained 132,744 records. A snapshot shared by Dark Web Informer on X revealed that nearly 501,000 devices had been compromised, including 24 corporate emails.
No Binance or Gemini database breach confirmed
Dark Web Informer clarified that the stolen data did not originate from a breach of Binance or Gemini systems. Instead, the cybercriminals reportedly obtained the information by exploiting vulnerabilities in users’ personal technology. The site urged crypto users to be cautious about phishing attacks and avoid clicking on suspicious links.
This is not the first time Binance has been linked to dark web data leaks. Last September, another hacker claimed to have a massive database of Binance user information containing 12.8 million records. However, Binance conducted an internal investigation and dismissed the claims as false.
Cyber threats target crypto users worldwide
Crypto exchange users remain a frequent target for cybercriminals. On March 21, Australian federal police issued a warning about a message scam targeting exchange users. Attackers used fake sender IDs to impersonate legitimate platforms, including Binance, to deceive users.
One week earlier, on March 14, X users flagged another phishing scam imitating Coinbase and Gemini. Attackers tricked victims into creating new wallets using pre-generated recovery phrases controlled by cybercriminals. Once users transferred funds, they lost access to their assets.
Crypto users continue to face ongoing security risks based on these recent events. According to security experts users should activate two-factor authentication while also checking sources before entering information and employing hardware wallets for maximum protection.