Data of 200 thousand cryptocurrency wallet users for sale; Shopify exploit used for hack

The cryptocurrency community has suffered a severe blow. According to experts in a hacking course, a malicious hacker managed to extract the databases of Trezor, Ledger and KeepKey, which provide solutions for storing virtual assets. The incident has been attributed to the hacker responsible for the recent data breach in an Ethereum.org forum, who is apparently selling the information of these three companies.

The three compromised databases appear to contain information from around 80,000 users and include details such as:

  • Full names
  • Addresses
  • Phone numbers
  • Email addresses

It should be noted that the databases do not include passwords to access cryptocurrency accounts. The cybercriminal who perpetrated the intrusion also recently listed the SQL database for BnkToTheFuture, an online investment platform.

According to the specialists of the hacking course, over the past weekend, the cybercrime monitoring website Under the Breach detected hacker listings for databases from major cryptocurrency storage providers. The person responsible for the hacking of these companies claims to have personal information of more than 40,000 Ledger users, more than 27,000 Trezor users and 14,000 KeepKey customers.  

In addition, some chat logs, posted on Twitter, indicate that the information was extracted by exploiting a security vulnerability present in Shopify. In this regard, a spokesperson for the popular e-commerce platform stated, “We initiated an internal investigation and no evidence was found to support this information,” so it is not yet confirmed what method the hacker used to access this data.

Hacking course experts mention that this is not the only information controlled by this hacker; the databases of 18 exchange platforms and forums for cryptocurrency enthusiasts were also put up for sale by this cybercriminal. This information includes the full SQL of the Korbit exchange platform (with more than 4,000 users) and three databases of the Mexican platform Bitso, in addition to the information of cryptocurrency wallet companies.

In his ad, the hacker mentions that he will only sell this information for a huge amount: “Don’t offer low amounts,” he warns. According to the International Institute for Cyber Security (IICS), some of the allegedly compromised platforms claim that no signs of anomalous activity have been detected in their IT infrastructure, so many experts doubt the veracity of the cybercriminal’s claims. Investigations will continue until these leaks can be safely confirmed or denied.