Using the Customers’ Hacked Data in Cryptocurrency Exchanges for Sale on Dark Web

Last Modified:12 May 2020 14:44:49
Using the Customers’ Hacked Data in Cryptocurrency Exchanges for Sale on Dark Web

According to the report which has recently published, a hacker with the nickname of ExploitDOT has claimed hacking cryptocurrency exchanges information related to the customers’ personal data from large exchanges like Bittrex, Bitfinex, and Binance. In an advertising post, he has remarked that he will sell the information on Dark Web market.

You might have heard about the Dark Web. The place where many people consider as unauthorized information and financial exchange, and there is no need to have special access for membership or using its resources. This part of the web is the source of many transactions we currently hear in the field of cryptocurrency. In fact, it can be stated that the hacked documents are present on the Dark Web and these hacked currencies are traded there. A source called Dread started hacking many cryptocurrency exchanges known as Know Your Customer (NYC) and sells it at the market with the same name on the Dark Web. To obtain exchanged cryptocurrency information, the hacker released an online ad in 2018 through which gave access to the people’s identification features at valid digital markets like Bittrex and Binance. These customers’ data have been priced $10 or more per 100 existing documents and consider some discounts for the customers inclined to buy much more of this information. The interesting point is that according to CNN, this vandal ad continues extracting the people’s information!

Bittrex is one of the big cryptocurrency exchanges the most transactions done by it was in Bitcoin and Ethereum. This exchange has about 90% of cryptocurrencies to trade in its list, and there are numerous daily transactions there. Moreover, Bittrex is a very reliable exchange owning two-step identity verification.

Was It a True Claim and Has Such an Extensive Leakage Occurred?

Cybersecurity experts who tended not to disclose their identity, through a call to CNN, say that they could palm off themselves as the buyers and exchange information with the hacker. Further, they have revealed the pictures of those doing purchases besides their identity documents for CNN. Those who sell these identity documents say that they have valid documents from the people working in this realm. The major hacker of these documents introducing him/her as Exploit-DOT saves and sells their identification documents through leaking into cryptocurrency exchanges and obtaining transaction parties’ identity information. It is stated that the hacker, even accesses to the users’ selfie images and small paper receipts on which Binance exchange name has been written.

The Reactions to the News of Leaking to Valid Cryptocurrency Systems

One of Binance cryptocurrency exchange managers has recently stated that there are some theories about how this person was able to access to this valuable information, and there was not observed any sign of unauthorized access to these systems. From the other hand, there was an announcement from Cryptopia cryptocurrency exchange, its customers have been the victim of these hackers too, claiming that millions of cryptocurrencies have been stolen from this service and have never been returned. Based on many experts, in case this piece of news is true and these cryptocurrencies are such permeable, a massive catastrophe has occurred which can destroy public trust to the security of service provides of valid cryptocurrencies. This claim has first been proposed by CNN news website and followed by the reaction of the managers supplying cryptocurrency exchange services. It is told that breaking the encrypted codes of cryptocurrency communications should be seriously revised to lower the dimensions of the recent catastrophe somehow. Besides, there has not been offered any alternative to prevent such occurrences and there even have been some criticisms on the manner of exploring and diagnosing breaches and such extensive leakages to cybersecurity activists. The outcome of such incidences is something which will be clear in the future.