A cybersecurity researcher discovered a vast database containing 149 million stolen login credentials from malware-infected devices, including 420,000 logins for Binance. The incident sheds light on the increasing risks facing crypto users.

A blog post by Jeremiah Fowler, published on ExpressVPN, revealed that the dataset included accounts from major platforms like Facebook, Instagram, Netflix, and Binance, with 48 million Gmail and 6.5 million Instagram accounts compromised.

“This is not the first dataset of this kind I have discovered and it only highlights the global threat posed by credential-stealing malware,” remarked Fowler. Translation: This isn’t the first massive data breach I’ve encountered, and it showcases the serious danger credential-stealing malware poses.

Security experts clarified that this data breach does not stem from Binance’s internal systems; the credentials were retrieved via infostealer malware.

A spokesperson for Binance stated, “Infostealer is a known malware variant that collects user credentials after compromising devices. These are not leaks from Binance.”

The incident highlights the importance of adopting preventive security measures, as Deddy Lavid, CEO of blockchain cybersecurity firm Cyvers, explained:

“This highlights why the industry is shifting toward prevention-first security models that can detect and stop suspicious activity before funds are moved, alongside strong user hygiene such as hardware-based MFA and secure password practices.”

To safeguard users, Binance actively monitors dark web marketplaces and recommends employing antivirus tools and performing regular security checks for devices to fend off such threats.