A hacker group known as “AKM69” has allegedly created a database containing sensitive information about 100,000 users connected to Gemini, according to a report released by the cyber threat monitoring platform Dark Web Informer on March 27.
Hackers on the dark web are asserting that they possess and are attempting to sell the personal data of individuals who use prominent cryptocurrency exchanges such as Gemini and Binance. This recent activity highlights ongoing concerns about data security in the crypto space.
Key Details of the Breach
The reported database is claimed to include personal details such as full names, email addresses, phone numbers, and geolocation data, with the majority of records originating from users based in the United States, and some entries traced back to Singapore and the UK.
Market for Leaked Data
The compromised data is being advertised in connection with various illicit activities, including targeted marketing strategies, scams, and fraud schemes.
Notably, a day prior to this announcement, another actor using the alias “kiki88888” reportedly listed a separate batch of Binance user information that included both email addresses and passwords, totaling over 132,000 records. However, the origin of this data remains ambiguous.
Dark Web Informer speculated that the compromised data might be sourced from affected user devices instead of a direct breach of Binance itself. They warned users to be cautious and refrain from clicking on dubious links.
Similar Incidents in the Past
These claims are reminiscent of previous data breaches. In September, a hacker known as “FireBear” alleged that they had more than 12 million stolen records from Binance, including sensitive personal information such as birth dates and addresses.
Subsequently, Binance conducted an internal investigation and dismissed these claims, asserting that no sensitive user data had been compromised.
Rise in Cyber Threats
March alone has seen an uptick in cyber threats aimed at crypto users. On March 21, the Australian Federal Police alerted 130 individuals regarding a phishing scam that impersonated crypto exchange sender IDs, including that of Binance.
Just a few days before, on March 14, users on social media platform X reported fraudulent messages that masqueraded as communication from Coinbase and Gemini, attempting to trick recipients into setting up wallets using pre-generated recovery phrases controlled by the attackers.
Increasing Complexity of Cyber Attacks
Earlier this month, Microsoft unveiled a new cybersecurity threat targeting cryptocurrency users. They discovered a remote access trojan (RAT) that infiltrates cryptocurrency wallet extensions on Google Chrome. This malware, referred to as StilachiRAT, is engineered to capture sensitive information from cryptocurrency holders.
This discovery coincides with an alarming rise in cryptocurrency-related cyberattacks, where attackers are increasingly employing sophisticated tactics to target digital assets.
Microsoft urged crypto users to enhance their security by utilizing antivirus software, cloud-based anti-phishing tools, and robust anti-malware protections to minimize potential risks.
Alarming Surge in Fraud Related to Cryptocurrency
The uptick in malware assaults on cryptocurrency holders aligns with a disturbing increase in crypto-related fraud. According to a recent report from prominent blockchain security platform Immunefi, losses within the crypto ecosystem surged by 20 times month-over-month from January to February 2025.
In January, registered losses totaled $73,915,700, but this number skyrocketed to $1,528,342,400 the following month as a consequence of nine hacking incidents. Furthermore, this February figure represents an 18-fold increase compared to February 2024, which saw losses amounting to $81,603,400.
