Cybercriminals are once again targeting the cryptocurrency sector, with a dark web threat actor claiming to have unauthorized access to an undisclosed Web3 crypto fund and offering it for sale to the highest bidder.
According to a post by Dark Web Informer – Cyber Threat Intelligence, the illicit access is being auctioned off with a starting price of Rs 30 lakhs, an increment step of Rs 4.1 lakhs , and an instant purchase option (blitz price) set at Rs 83 lakhs.
The post, which surfaced on a dark web marketplace, was allegedly made by a user named “masterkf” who claims to have insider-level access to a single fund with assets exceeding Rs 125 crore. The threat actor asserts that the fund belongs to institutional investors in the crypto space, making the breach highly sensitive.
Nominations are open for Honouring Women in Cyberspace on International Women’s Day 2025- Nominate Now!
While details about the specific fund remain undisclosed, the hacker has outlined several ways the buyer could exploit this unauthorized access, including:
- Extracting private data of investors and fund participants
- Manipulating internal fund transactions
- Gaining privileged insights into future investment strategies
The alarming part is that the seller insists they have already tested and verified the access. The hacker has even offered a demonstration to serious buyers, further raising concerns about the legitimacy of their claims.
With Web3 and decentralized finance (DeFi) platforms becoming prime targets for cybercriminals, security experts warn that such breaches could have far-reaching consequences, including financial losses, reputational damage, and legal repercussions for affected entities.
As law enforcement agencies monitor the dark web for potential threats, crypto firms must double down on cybersecurity measures, conduct regular security audits, and implement robust access controls to safeguard their funds from such cyber intrusions.