Unbreakable crypto hardware wallets find their information on the dark web

Published by:
Posted on: May 25, 2020 6:03 pm EDT

Users of Trezor, Ledger and other wallets are apparently in a database being offered for sale

The hacker that attacked the Ethereum.org forum has been busy on the dark web, selling more than valuable information. Apparently, he is allegedly selling database information that belongs to three of the biggest crypto hardware wallets: Ledger, Trezor, and KeepKey. Perhaps having their digital assets safely guarded in an offline hardware does not represent that much of a risk unless hackers share name, address, phone number, and email of more than 80,000 of those users from these three platforms – at least none of the information shared had any passwords for any of the accounts.

Besides that, the same hacker recently listed the SQL database belonging to BnkToTheFuture – an online investment platform. This selling of listings was spotted by Under the Breach, which is one of the many cyber monitoring websites, on May 24. According to the hacker, he is in possession of information belonging to close to 41,500 Ledger users, at least 27,100 Trezos customers and another 14,000 KeepKey’s users.

Based on recent chat logs that were posted on Twitter, the hacker used a vulnerability found on the e-commerce website Shopify to steal all the data. However, a Shopify spokesperson confirmed to Cointelegraph that an internal investigation was inducted and “found no evidence to substantiate” the hacker’s claims and “no evidence of any compromise of Shopify’s systems.”

Even if it wasn’t stolen from Shopify, the truth is that this hacker advertises to have a lot of information, including databases of 18 virtual currency exchanges and forums. In addition, the hacker claims having the email lists of two crypto tax platforms, and the databases for Bitso, a Mexican trading platform. Also, full account information – including passwords – of blockchain platforms like Blockcypher, Nimirum and Plutus, has been reported by the hacker.