149M Infostealer Records Leak Exposes Crypto Wallet Data

Ben Graham · 6 horas atrás

A massive infostealer database leak was recently discovered sitting unsecured on a publicly accessible server, exposing roughly 149 million stolen records belonging to internet users worldwide, as well as crypto users.

The trove, totalling about 96 GB, contained approximately 149.4 million unique login credentials collected from email accounts, social media platforms, financial services, crypto exchanges, streaming sites, dating apps, academic portals, and even some government-related systems.

Security researchers reported that the database appeared to be actively growing while online, with new records added over several weeks, before the hosting provider ultimately took it offline for violating the terms of service.

Among the most concerning items exposed were cryptocurrency wallet recovery phrases and login credentials for major exchanges. The dump included hundreds of thousands of credentials linked to platforms like Binance, alongside millions tied to services such as Gmail and Facebook.

This exposure comes as credential-based digital theft continues to rise, with attackers increasingly focusing on crypto accounts due to the speed and irreversibility of transactions.

A major infostealer malware data breach has resulted in the exposure of approximately 1.49 million cryptocurrency users’ data, including wallet and login credentials, highlighting the ongoing risk posed by malicious software that steals sensitive information. pic.twitter.com/YiJGojf0iM

— BetOnCrypto (@betoncryptoio) January 26, 2026

EXPLORE: Ethereum Spot ETFs Outflows Spike as ETH Price Slumps

What is an Infostealer Leak, And Why Are Crypto Users Targets?

Infostealers are a category of malware designed to quietly extract sensitive data from infected devices. They typically spread through phishing emails, cracked software downloads, fake browser extensions, or malicious websites. Once installed, they can log keystrokes, capture screenshots, steal browser-saved passwords, collect cookies, and extract credentials stored in apps or password managers.

Crypto users sit at the top of the target list. Unlike a bank transfer, a stolen seed phrase lets thieves move funds instantly, with no undo button. That reality explains why crypto hacks drive demand for hardware wallets that keep keys offline.

This dump reportedly bundles data from multiple campaigns, meaning infections are stacked over time. Some records include API keys from exchanges like Binance or Kraken, which can allow automated trading or withdrawals if left active.

EXPLORE: LIT Lighter Crypto: Post-Airdrop Rebound Gains Traction with Whale Staking Deposits

Billion-Dollar Losses: Crypto Credentials and Seed Phrases Exposed at Scale

The broader surge in infostealer activity has translated into real financial damage across the crypto ecosystem. In 2025, billions of dollars were lost to hacks, exploits, and credential-based thefts, making it one of the most expensive years on record. A single high-profile exchange breach accounted for roughly $1.5 billion of those losses, while state-sponsored actors continued targeting exchanges and infrastructure.

(Source: Chainalysis)

Regulators already watch exchanges closely after cases like the SEC’s action against Kraken in 2023. More breaches increase pressure on platforms to tighten security while pushing responsibility back to users. If your login leaks, the exchange will not refund drained funds.

Central banks worldwide are exploring digital currencies, expanding how much of our financial life lives online. At the same time, hackers refine tools that steal identities at scale.

After Ethereum’s Shanghai upgrade in 2023, around 5% of validators unstaked ETH amid security worries. That move showed a clear behavior shift. When security confidence drops, users act fast to reduce exposure.

EXPLORE: Hyperliquid Open Interest Hits Record High as DeFi Quietly Eats TradFi’s Lunch

How to Protect Your Assets From Possible Exploits

What can we do? Review old exchange API keys and revoke anything you no longer use, enabling strong multi-factor authentication, using unique passwords, and storing long-term holdings in hardware wallets. That cleanup step closes quite a few backdoors that many users forget exist.

Data leaks like this are becoming routine, but losing crypto does not have to be. Users who treat security as part of investing stay in the game longer, even as attacks grow louder.

Credential leaks have also fueled social-engineering scams, with attackers impersonating support staff using stolen user data. These schemes alone caused hundreds of millions in losses during 2025, often wiping out entire portfolios.

DISCOVER:

Follow 99Bitcoins on X For the Latest Market Updates and Subscribe on YouTube For Daily Expert Market Analysis.

The post 149M Infostealer Records Leak Exposes Crypto Wallet Data appeared first on 99Bitcoins.