Bitcoin exchange Gemini revealed during the week that it was the target of phishing attacks from a third-party leak. New reports indicate that this information has been on sale since September.
Bitcoin exchange customer information is for sale on hacker forums
On December 14, Gemini announced that a number of its users were victims of phishing attacks stemming from third-party vendor leaks. Reports indicate that the leak contained “approximately 5,701,649 lines of information on Gemini customers.” Meanwhile, Gemini did not disclose how many customers were affected by the breach. In addition, according to Bleeping Computer’s cybersecurity writer Ionut Ilascu, information from Gemini’s customer information leak went up for sale on hacker forums as early as September 2022.
Three days ago, we reported that Gemini leaked the data of 5.7 million users. In the middle of this information, there is information that includes users’ phone numbers and e-mail addresses. Now, crypto reporter Zhiyuan Sun details the paperwork showing “5,701,649 lines of information on Gemini customers.”
Gemini addressed this issue in a blog post on December 14, 2022. He explained that the breach was likely caused by a third-party vendor. The exchange did not disclose how many customer accounts were affected. It also did not share which third-party vendor was responsible for the data breach. The next day, following the release of Gemini’s blog post, Bleeping Computer cybersecurity author Ionut Ilascu published an article explaining that Gemini’s leaked database has been available for sale since September 2022.
Hackers are demanding 30 BTC for user information
Ilascu said there were multiple posts on a hacker forum discovered by cybercrime intelligence platform Kela that showed the information was for sale. A user tried to sell the leak for 30 BTC using today’s Bitcoin exchange rates. That’s roughly $500,000. Ilascu also revealed that the data leak was a sale in October 2022, where the seller used a “different alias.”
Another person shared the information on a hacker site in mid-November, and this particular post said that the leak didn’t just include Gemini information, but other exchanges, according to the thesis. The post published on Breachforums also offered the database for free before the account was banned from the forum. The now-banned user also told forum users that three digits from their customer phone number were missing in the knowledge base leak.
We have included the details of the Gemini vulnerability in this article. The Bitcoin exchange, backed by the Winklevoss twins, is also in trouble due to its close relationship with Genesis. Gemini CEO Cameron Winklevoss shared the companies’ compensation efforts in his new statements. The threat of bankruptcy of Digital Currency Group (DCG) subsidiaries Grayscale and Genesis triggered double-digit sales at the weekend of December 16.