
Warning for Binance Users: Major Malware Breach Uncovers 420,000 Compromised Accounts
A substantial data leak revealing 420,000 Binance login details has emerged, highlighting the risks associated with long-term malware infections.
A collection of 149 million stolen credentials, which includes login details for approximately 420,000 Binance accounts, was revealed this week to be circulating among cybercriminals.
The discovery underscores a trend in crypto theft toward persistent malware infections that pilfer data directly from victims’ devices long before any financial movements occur.
The Scale of the Threat
On February 4, security company Web3 Antivirus issued a warning indicating that the dataset was compiled from information-stealing malware planted on victims’ computers. In addition to exchange logins, the compromised data included passwords, private keys, API keys, and browser session tokens associated with email, social media, and financial platforms.
The firm highlighted that these “infostealers” gather information which can be exploited for account takeovers and asset theft, stressing that early detection at the device level is essential. Often, by the time suspicious activity appears on the blockchain, it’s already too late.
Additionally, Web3 Antivirus described the use of malicious AI skills on platforms such as ClawHub to unlawfully capture crypto information. According to the security firm, these deceptive skills, masquerading as wallet tools or trading bots, embed information-stealing malware that remains dormant until a victim’s crypto assets increase or specific actions are performed. This represents a supply-chain vulnerability emerging upstream, moving from wallets to the trusted tools designed to manage them.
A Persistent Challenge for Users and Platforms
The financial losses stemming from crypto theft are significant. A recent report from PeckShield noted that scams and hacks led to the loss of over $4.04 billion in 2025, with scams alone rising 64% year-over-year. The report indicated a shift towards targeting centralized exchanges and major organizations, which accounted for three-quarters of the stolen funds that year.
Furthermore, Web3 Antivirus estimated that illicit crypto transactions in 2025 amounted to around $158 billion, up from $64 billion in 2024. Although the on-chain security provider partially attributed the spike to enhanced tracking and increased state-related activity, the data reveals that even minimal success rates for thieves can culminate in vast losses.
The recent breaches accentuate the disconnect between user safety and platform security, with the firm stating,
“Scams don’t succeed because users ignore advice; they succeed because risk is only surfaced after execution is already possible.”
The firm contended that platforms, possessing the capability to observe transaction approvals and behavior patterns before users, represent “the last real control point” in thwarting theft.
Wallet drainers are a common attack method, and they reportedly worsened in January, with 15,530 suspicious approvals across 11,908 wallets leading to $4.25 million in losses. These drainers typically gain access through malicious transaction approvals, making pre-signature detection vital.
