The cryptocurrency industry has been hit with another privacy issue, as three of the top wallet providers are now facing an information breach. According to multiple reports, a notable hacker has gotten a hold of customer information from Ledger, Trezor, and KeepKey. Now, the hacker is looking to sell them on the Internet.
A Prolific Hacker at Work
The sale first got noticed by Under the Breach, a popular cybercrime monitoring website. In a report, the company confirmed that it came upon the seller trying to list the databases of the wallet providers.
Both of which obtained from a @Shopify exploit.
(suggesting there are many more underground leaks).
— Under the Breach (@underthebreach) May 24, 2020
The three databases contain information such as names, addresses, phone numbers, and Email addresses for over 80,000 users in total. However, the databases don’t contain wallet keys or any other information that could provide access to the wallets.
The accounts are further divisible into 41,500 Ledger users, over 27,100 Trezor users, and KeepKey’s 14,000 customers. Also, the hacker has recently listed the SQL database for BnkToTheFuture, an online investment platform.
The hacker in question appears to be prolific – especially when it comes to crypto crime. Under the Breach explains that the same individual holds the databases of 18 virtual currency exchanges and cryptocurrency forums. The hacker is also reportedly looking to sell the Email lists of two crypto tax platforms.
All of these databases include the SQL files for popular South Korean crypto exchange Korbit (which includes 4,500 users), three databases for Latin American trading platform Bitso, and the complete account information for several blockchain platforms such as Plutus, Nimirum, and Blockcypher. For the sale, the hacker has expressed a desire for only high bids.
Cyber Crime Is on the Upsurge
It’s unclear when the other hacks took place. However, the report is coming at a time when cyber crime is rampant. With more people and companies relying on the Internet to conduct banking and other financial transactions, hackers have been more than happy to pounce whenever they see an opportunity.
This week, cybersecurity news outlet Krebs on Security noted hackers had successfully compromised the IT systems of Fresenius, a German hospital that’s reported to be the largest private hospital in Europe.
Citing an anonymous source, the news medium confirmed that the hackers successfully deployed a ransomware known as Snake. The ransomware in question only came into prominence this year, and it has already gained a reputation for targeting large companies. Speaking to the news source, Matt Kuhn, a spokesperson for Frenesius, confirmed the hacks.
“I can confirm that Fresenius’ IT security detected a computer virus on company computers. […] As a precautionary measure in accordance with our security protocol drawn up for such cases, steps have been taken to prevent further spread.”
Other industries – including technology, financial services, and crypto – have reported a jump in attack attempts. With the pandemic still in full effect, everyone is a potential victim at this point.