A darknet vendor is allegedly selling images and data associated with crypto exchange identity verification processes

26

A user going by the name of “ExploitDOT” is allegedly selling 100,000 personal documents that were used to comply with the know-your-customer (KYC) regulations on cryptocurrency exchanges, as first reported by CCN. He posted the sale on July 17, 2018 on a sub-community (DNMAds) of Dread, which is a hidden Reddit-like community that operates on darknets such as Tor and “provides a platform for open community discussion without as much censorship and limitations.”

ExploitDOT claims that he was a vendor on Tor Carding Forum (TCF), which was one of the earliest and largest darknet forums focused on the trade of stolen credit card details, identity theft, and currency counterfeiting. TCF closed in 2014 following a hack. ExploitDOT was also allegedly a vendor on AlphaBay, a darknet marketplace with over 400,000 users that police shut down after a law enforcement action in July 2017.

The documents were supposedly ‘dumped’ in the first half of 2018 when an unnamed third party KYC solution provider which was providing services to crypto exchanges and ICOs suffered a breach. At the time of writing, it’s not immediately clear which KYC provider got hacked or even whether the hack actually took place. ExploitDOT claims that the documents include sensitive information and high quality photos with EXIF including geographic information “for every country” about users that KYC’d on Binance, Bitfinex, Poloniex and Bittrex. We have reached out to the affected exchanges and will update the article if we hear back.

The data dump, which is being sold in bulk, includes selfies, scans of identity documents and proof of address of each person. Following the report by CCN, ExploitDOT posted again on Dread and asked whether he should “try to start a crowdfunding to delete all the hacked documents” because “if you ever sent a KYC, chances are there [are] also your documents in my dump.” He wrote that he wants to crowdfund an amount that “helps [him to] work on [his] legit business with [his] ideas that could change the world.”

According to ExploitDOT, asking the affected exchanges to pay for the removal would not make sense because “the exchanges are completely denying the documents were took from them, whereas there is clearly docs with ‘Binance’, ‘Poloniex’ and such written on the paper.”

The post A darknet vendor is allegedly selling images and data associated with crypto exchange identity verification processes appeared first on The Block.


A darknet vendor is allegedly selling images and data associated with crypto exchange identity verification processes written by The Block @ https://www.theblockcrypto.com/2019/01/21/a-darknet-vendor-is-allegedly-selling-images-and-data-associated-with-crypto-exchange-identity-verification-processes/ January 21, 2019 The Block

Comments are closed.