Please Register !
What was discovered?
Please Register !
A huge, publicly accessible database containing stolen usernames and passwords was recently spotted by cybersecurity researcher Jeremiah Fowler. The credentials appear to have been collected from infected personal devices (phones and computers) using infostealer malware—a type of malicious software that quietly grabs saved logins from browsers, apps, and sometimes password managers.
According to a blog post published on ExpressVPN, the dataset reportedly held around 149 million credential pairs. Among them were logins tied to major platforms like Facebook, Instagram, Netflix, and also the crypto exchange Binance—including about 420,000 credentials associated with Binance users.
Please Register !
What’s inside the leak (high-level numbers)
Please Register !
The dump reportedly included, among others:
-
48M Gmail accounts
Please Register !
-
4M Yahoo accounts
Please Register !
-
17M Facebook accounts
Please Register !
-
6.5M Instagram accounts
Please Register !
-
3.4M Netflix accounts
Please Register !
-
780K TikTok accounts
Please Register !
-
420K Binance-related credentials (at least)
Please Register !
Fowler also noted that in the portion he reviewed, there were signs of compromised access affecting financial services, including trading accounts, banking, and potentially crypto wallet-related logins.
Please Register !
Please Register !
Why government-related logins are especially worrying
Please Register !
One of the more alarming parts of Fowler’s comments was the mention of credentials connected to government-linked accounts and .gov domains. That’s risky because it can fuel:
-
impersonation attempts (attackers pretending to be a government agency)
Please Register !
-
phishing campaigns aimed at citizens or employees
Please Register !
-
targeted attacks using “official-looking” emails
Please Register !
Please Register !
Important clarification: this is NOT proof Binance’s systems were hacked
Please Register !
Security experts emphasized that this does not automatically mean Binance suffered an internal breach. The more likely scenario is:
Please Register !
Please Register !
Please Register !
A Binance spokesperson reportedly explained that these are credentials stolen from compromised devices, not “leaked from Binance.”
Deddy Lavid (CEO of blockchain cybersecurity firm Cyvers) also stressed the same point: it looks like an end-user device compromise, not an exchange back-end failure.
Please Register !
What Binance reportedly does in these cases
Please Register !
The article notes that Binance works to reduce harm by:
-
monitoring dark-web marketplaces
Please Register !
-
warning affected users
Please Register !
-
forcing password resets when needed
Please Register !
-
revoking suspicious or compromised sessions
Please Register !
Binance also recommends using antivirus / anti-malware tools and running regular scans to catch threats like infostealers early.
Please Register !
Infostealers targeting crypto via “game mods” (Kaspersky warning)
Please Register !
The piece also references a warning from Kaspersky (December 2025) about a newer infostealer campaign that pretends to be game cheats or mods. It reportedly aims at:
-
crypto wallets
Please Register !
-
browser extensions (especially wallet extensions)
Please Register !
-
account sessions and saved passwords
Please Register !
It was reportedly found in November, and attackers were said to hide it inside game cracks/mods, with frequent references to Roblox-themed bait.
Please Register !
What you should do right now (practical checklist)
Please Register !
If you trade crypto or use wallet extensions, this is the “do it today” list:
Please Register !
1) Change passwords (start with email!)
Please Register !
-
Change your email password first (because password resets go there).
-
Then change exchange and social passwords.
-
Use a unique password for each site (password manager helps a lot).
Please Register !
2) Turn on stronger 2FA
Please Register !
-
Prefer Authenticator app or hardware security key
Please Register !
-
Avoid relying only on SMS 2FA if you can
Please Register !
Please Register !
3) Clean your device
Please Register !
-
Run a full malware scan
-
Remove unknown browser extensions
-
Update your OS and browser
Windows (built-in Defender quick examples)
Please Register !
4) If you use wallet extensions
Please Register !
-
Remove suspicious extensions immediately
-
Consider moving funds to a fresh wallet if you suspect compromise
-
Treat any exposed seed phrase as burned (create a new wallet)
Please Register !
5) Watch for phishing after leaks
Please Register !
After big dumps, attackers often launch follow-up scams:
-
“Security alert: log in now”
-
“Your account is at risk”
-
“Verify your wallet”
If a message pressures you with urgency, slow down—that’s the point.
