Kraken is undergoing unconfirmed allegations that it is selling its internal customer support systems to dark web forums.
The claims have raised some questions because big exchanges are facing the increasing threats of social engineering.
A rumor on X indicates that there is a listing in the dark web offering read-only privileges to the internal support panel at Kraken. The listing appeared as the insider threats were more closely observed on centralized crypto exchanges.
Dark web listing sparks concern but lacks confirmation
A surveillance account, which monitors illegal listings as Dark Web Informer, charges as little as one dollar. The seller is said to say there is a limited period during which the access is negotiable.
Screenshots posted on the internet depict one of the forum users, named ransomcharger, advertising the supposed access. The seller asserts that it enables one to see their user profiles, records of transactions, and customer support tools.
The listing also asserts that the system access could be invoked in the creation of support tickets. Such tickets would then be used to phish users or gather personal information.
The listing is not substantiated with any independent evidence. Kraken has not authenticated any attack or unauthorized access to its internal systems.
Alleged access could expose sensitive customer data
It is claimed that the access does not depend on IP restrictions and is executed on the own infrastructure of Kraken. It claims to be able to get complete KYC records, according to the seller.
All these are said to contain identity documents, selfies, address evidence, and self-reported sources of funds. The listing states that access to it might take one or two months.
The seller as well asutes that time-based authentication codes lapse in February. These claims have not been checked by any external security company or exchange.
There is no evidence of the alleged breach, which was discovered by Cryptopolitan. The support team of Kraken has not given any warning to the users.
Social engineering attacks put exchanges under pressure
The assertions follow reported incidents of social engineering at other larger exchanges. In mid-2025, Kraken and Binance were hit by bribery attempts made against the support teams by attackers.
Those efforts had failed because of layered access controls and monitoring systems. Coinbase was not as lucky as the same campaign.
The Coinbase team would later confirm that they had been bribed by the overseas support agents. The unprotected information contained names, addresses, incomplete KYCs, and balances.
Hackers tried to blackmail Coinbase to the tune of twenty million dollars. The exchange declined and called the police.
Coinbase is putting the cost of the breach at four hundred million dollars. Binance and Kraken indicated that internal controls helped avoid such losses.
Kraken has claimed to restrict access by employees and track internal action. Analytics helps its security team to prevent attacks and identify suspicious activity.
Coinbase has just verified the arrest of a former support agent in India. The US prosecutors also accused a man who had posed as a Coinbase employee.
The case indicates the increasing risk of insider abuse in crypto platforms. Users of Kraken are also encouraged to be cautious because the investigation is still going on.
