Key Highlights
- A dark web listing claims read-only access to Kraken’s admin panel is being sold for $1, including user profiles, transaction histories, and full KYC documents.
- Even read-only access could be risky and let hackers impersonate staff and attempt phishing or targeted scams.
- Kraken has not confirmed any breach, and experts advise users to enable extra security, like hardware keys and withdrawal whitelists.
Hackers are reportedly offering read-only access to Kraken’s internal admin panel on a dark web forum, raising questions about potential exposure to customer data.
As per an X post by user Dark Web Informer on Friday, the listing claims the access allows viewing user profiles, transaction histories, and full KYC documents, including government-issued IDs, selfies, proof of address, and declared sources of funds.
The seller, using the name “ransomcharger,” claims the access is valid for one to two months, proxied through Kraken’s systems, and includes the ability to generate support tickets. This could let attackers pretend to be staff and trick customers into sharing private information.
Some cybersecurity experts remain skeptical about the listing’s authenticity. One online user commented, “Almost certainly fake.” Another netizen warned, “If this is genuine, it’s a major data-exposure and phishing risk for Kraken customers. Kraken’s security and law enforcement teams need to be on this immediately.”
Previous similar events
The crypto space has faced similar events in the past. Exchanges such as Mt. Gox, Binance, KuCoin, Crypto.com, and FTX have all faced breaches targeting admin tools. If this Kraken listing is real, it follows the same pattern, showing how hard it is to fully protect sensitive customer data. The listing reportedly allows unrestricted access with time-based codes expiring in February 2026.
In mid-2025, Kraken and Binance were reportedly targeted by social engineering attacks similar to those affecting Coinbase, in which users paid customer service representatives to steal their data. Coinbase later confirmed that a former agent had been arrested in India. Meanwhile, the Brooklyn District Attorney charged a man in the U.S. with pretending to be a customer service representative and stealing $16 million.
At the time, Kraken said it has safeguards to watch for unusual activity, limit unnecessary access, and also employ AI systems to detect suspicious behavior.
It is recommended that users enable hardware key authentication and be careful with support messages. Users may also consider moving funds to hardware wallets or new addresses to avoid exposure. As of now, Kraken has not issued a public response to the alleged listing.
Also Read: SlowMist 2025 Report: Professional Hacking Drives $2.9B Losses
