Dark Web News Analysis
A threat actor on a known cybercrime forum is claiming to sell a large, aggregated collection of data that they allege originates from a wide range of American cryptocurrency companies. The seller’s post lists several major platforms as potential sources, including Binance USA, Coinbase, Crypto.com, Gemini, and RobinHood. The purportedly compromised data includes user information such as names, emails, and phone numbers, and may have been obtained or verified through a “crypto checker” tool.
This claim, if true, represents a significant and widespread threat to the entire US cryptocurrency community. Rather than a single company breach, this appears to be a “master list” of American crypto users, likely compiled from multiple breaches and credential stuffing campaigns. Such a list lets criminals skip the general public and focus their most sophisticated and convincing phishing and social engineering attacks on a pre-qualified audience of asset holders.
Key Cybersecurity Insights
This alleged data sale presents a critical, ecosystem-wide threat to US crypto users:
- An Ecosystem-Wide “Master List” for Scammers: The primary threat is the creation of a massive, consolidated list of known American crypto users. This allows criminals to launch broad yet highly targeted phishing, smishing (SMS phishing), and vishing (voice phishing) campaigns, knowing that every recipient is a potential holder of valuable digital assets.
- High Risk of Widespread Credential Stuffing: The mention of a “crypto checker” is a strong indicator that the data is the result of, and will be used for, credential stuffing. In credential stuffing, attackers test email/password combinations from other breaches against crypto sites. The data for sale is likely a list of the successful hits, which are highly valuable for immediate account takeovers.
- A Goldmine for SIM Swapping Attacks: With a verified list of US crypto owners and their phone numbers, criminals have a perfect target list for conducting large-scale SIM swapping attacks. By taking over a victim’s phone number, they can intercept two-factor authentication codes and drain their accounts.
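For a service operator, the checker traffic described in the credential stuffing point above has a recognizable shape in login logs: one source trying many distinct accounts and mostly failing. The Python below is an added example, not part of the original report; the log format, thresholds and function names are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict

# Constructed sample auth log (assumed format): "<ISO time> <source IP> <account> <OK|FAIL>"
SAMPLE_LOG = """\
2025-01-10T09:00:01Z 198.51.100.7 alice@example.com FAIL
2025-01-10T09:00:02Z 198.51.100.7 bob@example.com FAIL
2025-01-10T09:00:02Z 198.51.100.7 carol@example.com OK
2025-01-10T09:00:03Z 198.51.100.7 dave@example.com FAIL
2025-01-10T09:00:04Z 198.51.100.7 erin@example.com FAIL
2025-01-10T09:00:05Z 198.51.100.7 frank@example.com FAIL
2025-01-10T09:01:10Z 203.0.113.20 gina@example.com FAIL
2025-01-10T09:01:25Z 203.0.113.20 gina@example.com FAIL
2025-01-10T09:01:40Z 203.0.113.20 gina@example.com OK
2025-01-10T09:02:00Z 192.0.2.44 henry@example.com OK
malformed line without enough fields
"""

def parse(log_text):
    """Yield (ip, account, ok) tuples, skipping lines that do not match the format."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("OK", "FAIL"):
            yield parts[1], parts[2].lower(), parts[3] == "OK"

def find_stuffing(log_text, min_accounts=5, min_fail_ratio=0.7):
    """Flag source IPs that try many distinct accounts and mostly fail.
    Returns {ip: accounts that logged in successfully from it}, i.e. the
    checker's "hits", which need a forced reset and session revocation."""
    stats = defaultdict(lambda: {"accounts": set(), "fails": 0, "total": 0, "hits": set()})
    for ip, account, ok in parse(log_text):
        s = stats[ip]
        s["accounts"].add(account)
        s["total"] += 1
        if ok:
            s["hits"].add(account)
        else:
            s["fails"] += 1
    flagged = {}
    for ip, s in stats.items():
        # Many distinct accounts separates stuffing from one user mistyping a password.
        if len(s["accounts"]) >= min_accounts and s["fails"] / s["total"] >= min_fail_ratio:
            flagged[ip] = sorted(s["hits"])
    return flagged

if __name__ == "__main__":
    for ip, hits in find_stuffing(SAMPLE_LOG).items():
        print(f"{ip}: suspected credential stuffing, accounts to reset: {hits}")
```

Counting per source IP is only one signal, since checker traffic is often spread across many proxies; the same counting can be keyed on other request attributes the service logs.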
Mitigation Strategies
Given the broad and unspecified nature of this threat, all American cryptocurrency users should take immediate and decisive action:
- Assume You Are a Target and Practice Extreme Vigilance: Every individual in the US involved in cryptocurrency should operate under the assumption that their data is part of such a collection. It is critical to treat all unsolicited crypto-related communications—including emails, texts, and social media messages—with the highest level of suspicion.
- Enforce Maximum Security on All Accounts: Users must use strong, unique passwords for every crypto service they use. More importantly, it is essential to enable the strongest form of Multi-Factor Authentication (MFA) available, prioritizing hardware security keys and authenticator apps over less-secure SMS-based 2FA.
- Secure Your Mobile Phone Account: To protect against SIM swapping, contact your mobile phone carrier and add a security PIN or password to your account. This makes it significantly harder for an attacker to fraudulently port your number to a new device.
Secure Your Organization with Brinztech
As a cybersecurity provider, we can protect your business from the threats discussed here. Contact us to learn more about our services.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com