The name of the Huobi cryptocurrency exchange often appears on the darknet markets, where unknown hackers sell data that may belong to the company’s customers.
Recently this month, the CEO of the Binance exchange was required to
300 BTC for non-proliferation of documents “related to the personal data of users” of the platform, which were allegedly stolen. Other trading platforms also face similar problems.
The minimum cost of personal data of one Huobi user starts from 30 cents. For this amount, you can get phone numbers and text messages that are sent during the withdrawal of funds.
One of the sellers claims that the phone numbers are “absolutely real” and can be used if their owners come into contact with potential attackers.
“The ratio of the number of users who will use their phone numbers to the total number of data sold allows you to organize a pyramid scheme,” the seller claims.
In addition to Huobi, less well-known exchanges such as BIKI, Hetbi and ZDCoin also appear on the darknet.
Huobi marketing director Ross Zhang commented on this news, saying that the data provided in at least one such ad does not belong to users of the exchange. The management of the exchange compared the distributed information with its own database and concluded that only ” a very small proportion of phone numbers correlate with Huobi accounts.”
“It seems to us that the attacker is simply using the name of a popular exchange to attract attention,” said Jean.
The phone numbers allegedly associated with Huobi users could have been obtained in different ways, other than by directly hacking the exchange’s database. For example, the service of a third-party messaging solution provider could have been hacked, which explains the presence of confirmation codes for Huobi accounts in the distributed information.
“We understand that the database leak from a major exchange has given rise to new concerns, but this is not the case,” the Huobi representative added