Dark Web News Analysis
A threat actor on a known hacker forum is offering a database purportedly belonging to Rewardy.io, a “Watch-to-Earn” platform that rewards users with cryptocurrency. The breach, dated December 8, 2025, allegedly impacts 2.2 million users, with the dataset priced at $1,500.
Brinztech Analysis:
- The Target: Rewardy.io attracts users interested in cryptocurrency and passive income. This demographic is a prime target for crypto-drainer scams.
- The Data:
  - User Volume: 2.2 million total records.
  - Credentials: 416,000 records include passwords hashed with bcrypt. While bcrypt is a strong hashing algorithm, weak user passwords can still be cracked. The remaining ~1.8 million records likely belong to users who authenticated via OAuth (Google/Twitch login), meaning only their email and profile info were exposed, not their passwords.
  - Wallet Data: Given the platform’s nature, the leak likely includes crypto wallet addresses linked for payouts.
- The Timing: The breach is extremely recent (two days ago), meaning the data is “fresh” and has high utility for attackers launching immediate campaigns.
Key Cybersecurity Insights
This alleged data breach presents specific risks to the crypto-earning community:
- Credential Stuffing: The 416,000 hashed passwords will be targeted by “cracking” rigs. Once cracked, attackers will test these Email/Password pairs against major crypto exchanges (Binance, Coinbase) and email providers.
- Targeted “Wallet Connect” Phishing: Users are accustomed to connecting wallets to Rewardy to receive payouts. Attackers can send phishing emails: “Rewardy Security Update: Re-connect your wallet to process your pending December payout.” This leads to a malicious site that drains the wallet.
- OAuth Token Risk: For the 1.8 million users without passwords, the risk shifts to phishing. Attackers know these users use Google/Twitch to log in and may craft specific “Social Login Security Alert” emails to steal those credentials.
Mitigation Strategies
In response to this claim, Rewardy.io users must take immediate action:
- Password Reset (Non-OAuth Users): If you registered with a username and password, change it immediately. If you reuse that password elsewhere, change it there too.
- Revoke Wallet Permissions: As a precaution, revoke any “Token Allowances” granted to Rewardy smart contracts until the platform confirms the security status.
- Be Skeptical of “Payout” Emails: Ignore any email claiming you have a “Pending Payout” that requires you to click a link or download a file.
- MFA Enforcement: Enable 2FA on your email account. Since many Rewardy users use simple passwords, the email account is the next logical target.
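For mail administrators and users who filter their own inbox, the lure patterns described above ("pending payout", "re-connect your wallet", "Social Login Security Alert") can be turned into a simple triage check. The following is an added example, not code from Brinztech or Rewardy; it assumes rewardy.io is the only domain the platform legitimately mails and links from, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

LEGIT_DOMAIN = "rewardy.io"  # assumption: the only domain the platform mails and links from
LURES = re.compile(r"pending\s+(\w+\s+)?payout|re-?connect\s+your\s+wallet"
                   r"|social\s+login\s+security\s+alert", re.I)  # wording of the lures above
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_legit(host):
    """True only for the brand domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == LEGIT_DOMAIN or host.endswith("." + LEGIT_DOMAIN)

def body_text(msg):
    """Decoded text of every text/* part (covers base64 and quoted-printable)."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    return "\n".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                     for p in parts if p.get_content_maintype() == "text")

def score_message(raw):
    """Return (score, reasons) for one RFC 5322 message passed as a string."""
    msg = message_from_string(raw)
    sender = msg.get("From", "")
    text = msg.get("Subject", "") + "\n" + body_text(msg)
    reasons = []
    if LURES.search(text):
        reasons.append("payout / wallet / social-login lure phrasing")
    if "rewardy" in (sender + text).lower():  # brand invoked: check who is speaking
        host = parseaddr(sender)[1].rpartition("@")[2]
        if not is_legit(host):
            reasons.append(f"brand named but sender domain is {host!r}")
        off = [u for u in URL_RE.findall(text) if not is_legit(urlparse(u).hostname)]
        if off:
            reasons.append(f"{len(off)} link(s) leave {LEGIT_DOMAIN}")
    return len(reasons), reasons

# Constructed sample messages; every address and URL is invented for this example.
PHISH = ("From: Rewardy Support <support@rewardy-payouts.example>\n"
         "Subject: Rewardy Security Update\n\n"
         "Re-connect your wallet to process your pending December payout:\n"
         "https://rewardy-payouts.example/connect\n")
BENIGN = ("From: Rewardy <no-reply@rewardy.io>\n"
          "Subject: Your weekly summary\n\n"
          "You watched 12 streams this week: https://app.rewardy.io/summary\n")

if __name__ == "__main__":
    print(score_message(PHISH), score_message(BENIGN))
```

A score of 2 or more is a reasonable quarantine threshold; the From header is trivially spoofed, so this check complements SPF/DKIM/DMARC results rather than replacing them.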
Brinztech does not warrant the validity of external claims.