Darkweb actors claim to have over 100K of Gemini, Binance user info
Update, March 28, 10:50 am UTC: This article has been updated to include comments from a Binance spokesperson.Darkweb threat actors claim to have hundreds of thousands of user records — including names, passwords and loc...
Archive context
Older archive item. Useful for background and entity history, but not a fresh market-moving signal.
Update, March 28, 10:50 am UTC: This article has been updated to include comments from a Binance spokesperson.
Darkweb threat actors claim to have hundreds of thousands of user records — including names, passwords and location data — of Gemini and Binance users, putting the apparent lists up for sale on the internet.
The Dark Web Informer, a Darkweb cyber news site, said in a March 27 blog post that the latest sale is from a threat actor operating under the handle AKM69, who purportedly has an extensive list of private user information from users of crypto exchange Gemini.
“The database for sale reportedly includes 100,000 records, each containing full names, emails, phone numbers, and location data of individuals from the United States and a few entries from Singapore and the UK,” the Dark Web Informer said.
Source: Dark Web Informer
“The threat actor categorized the listing as part of a broader campaign of selling consumer data for crypto-related marketing, fraud, or recovery targeting.”
Gemini didn’t immediately respond to Cointelegraph’s request for comment.
A day earlier, Dark Web Informer said another user, kiki88888, was offering to sell Binance emails and passwords, with the compromised data reportedly containing 132,744 lines of information.
Source: Dark Web Informer
Binance says leaked info came through phishing, not data leakA Binance spokesperson told Cointelegraph that the exchange is aware of recent claims circulating regarding a potential data breach involving Binance.
“We want to clarify that there has been no data leak from Binance’s systems. Our security team has been actively monitoring a known hacker on the Dark Web who collects data by compromising browser sessions on infected computers,” the spokesperson said.
In a follow-up post, the Dark Web Informer also alluded to the data theft being a result of user’s tech being comprised rather than a leak from Binance, saying, “Some of you really need to stop clicking random stuff.”
Source: Dark Web Informer
In a similar situation last September, a hacker under the handle FireBear claimed to have a database with 12.8 million records stolen from Binance, with data including last names, first names, email addresses, phone numbers, birthdays and residential addresses, according to reports at the time.
Binance denied the claims, dismissing the hacker’s claim to have sensitive user data as false after an internal investigation from their security team.
Related: Binance claims code leak on GitHub is ‘outdated,’ poses minor risk
This isn’t the first cyber threat targeting users of major crypto exchanges this month. Australian federal police said on March 21 they had to alert 130 people of a message scam aimed at crypto users that spoofed the same “sender ID” as legitimate crypto exchanges, such as Binance.
Another similar string of scam messages reported by X users on March 14 spoofed Coinbase and Gemini attempting to trick users into setting up a new wallet using pre-generated recovery phrases controlled by the fraudsters.
Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis
Why this matters
This cryptocurrency story adds another data point to the current market tape and is useful when read alongside nearby source coverage.
Original source
Read on CointelegraphRelated market context
DeFi’s Newest Threat: How Malicious Liquidity Pools Are Trick-Quoting Ethereum and Polygon Users
DeFi infrastructure firm Enso has identified a new class of malicious liquidity pools called “toxic pools.” Unlike traditional exp...
BTCC Exchange Q2 2026 Growth Report: TradFi Volumes Triple, 12M Users Reached as Exchange Marks 15 Years
George Town, Cayman Islands, July 17th, 2026, Chainwire BTCC, the world’s longest-serving cryptocurrency exchange, today released...
Binance recovers $1B in user funds to combat illicit activity
Binance's recovery of $1B in user funds highlights its transformation into a compliance leader, yet underscores ongoing illicit ac...
OKX Europe lets users convert USDT to MiCA-compliant USDC
The feature offers European customers a voluntary path away from Tether’s USDT as MiCA rules reshape the region’s stablecoin marke...
Bitcoin Price Falls Under $63,000 on U.S.-Iran Strikes and Trump’s China Charge, but Onchain Data Points to Buyers
Bitcoin Magazine Bitcoin Price Falls Under $63,000 on U.S.-Iran Strikes and Trump’s China Charge, but Onchain Data Points to Buyer...
Google Gemini AI Reveals Shocking Solana Price Target for 2026
Google Gemini AI predicts a Solana price target that skips the usual talking points and goes straight to a number that made us pau...