More than 16 billion login credentials from major online platforms like Apple, Google, and Facebook have been leaked, potentially putting crypto users at risk.
The huge leak of login details could be bad news for crypto users. Hackers might use this info to break into accounts, especially wallets linked to email addresses.
Some wallets save backup phrases in the cloud using passwords. If hackers get in, they could steal your crypto.
If attacks increase, exchanges may ask users to change passwords or take stronger safety steps.
To stay safe, crypto users should change passwords now, turn on two-factor authentication (2FA), and never store recovery phrases online.
16 Billion Credentials Leaked from Top Platforms
According to a report by Cybernews, researchers analyzed 30 different data leaks, each ranging from tens of millions to over 3.5 billion records, adding up to a total of 16 billion exposed credentials.
Only one of these leaks had been reported before. Most databases had about 550 million entries, and even the smallest had over 16 million.
Cybernews warned that this massive leak could lead to widespread cyberattacks, as it gives hackers fresh and usable information. Much of the data came from unsecured systems, like open Elasticsearch databases and cloud storage.
The leaked credentials reportedly provide access to almost any online service, including Apple, Facebook, Google, GitHub, Telegram, and even government platforms.
The data also includes stolen cookies, login tokens, and other sensitive details, making it even more dangerous, especially for users or companies that don’t use two-factor authentication. Cybernews said it’s almost certain that some of it came from cybercriminals.
Hackers Wipe $90M from Iran’s Top Crypto Exchange
Meanwhile, a hacker group called Gonjeshke Darande, or “Predatory Sparrow,” says it attacked Nobitex, Iran’s biggest crypto exchange, on Wednesday.
The group claims it destroyed $90 million worth of crypto and threatened to leak the exchange’s source code. This was their second attack in two days, after targeting Iran’s Bank Sepah on Tuesday.
Nobitex took down its website and app, saying it was checking for “unauthorized access.” The hackers accused the exchange of helping the Iranian government avoid sanctions and fund illegal activities. TRM Labs, a blockchain analysis company, confirmed that the stolen crypto was moved to wallets that criticized Iran’s Revolutionary Guard.
Gonjeshke Darande has hit Iran before. In 2021, they caused gas station shutdowns. In 2022, they attacked a steel plant and caused a big fire. Israel hasn’t said it’s behind the group, but many Israeli news outlets say they are likely linked.
So far, neither Nobitex nor the hackers have responded to messages. The attacks come during rising tension between Israel and Iran.
