A leaked dataset of 149 million stolen credentials reportedly contains credentials for approximately 420,000 Binance accounts.
This week, 149 million stolen credentials, including credentials for 420,000 Binance accounts, were discovered to be in circulation among cybercriminals.
The findings highlight a shift in crypto theft toward long-lasting malware infections that steal data directly from users’ devices, often long before any funds are moved.
The magnitude of the threat
According to an alert posted on February 4 by security firm Web3 Antivirus, the dataset was composed of information-stealing malware installed on the victim’s devices. In addition to exchanging logins, the stolen data included passwords, private keys, API keys and browser session tokens for email, social and financial platforms.
The company noted that these “infostealers” collect data that can later be used for account takeovers and fund theft. It emphasizes that prevention requires early detection at the device level, as it is often too late by the time suspicious activity appears in the chain.
Further in a separate series of posts Web3 Antivirus detailed how malicious AI skills on platforms like ClawHub are being used to steal crypto data. According to the security firm, these rogue skills, which masquerade as wallet tools or trading bots, install information-stealing malware that can remain dormant until a victim’s crypto balance grows or specific actions are taken. This vulnerability represents a supply chain risk that moves upstream “from wallets to the tools people trust to manage them.”
An ongoing challenge for users and platforms
The severity of losses due to crypto theft cannot be underestimated. A recent report from PeckShield notes that scams and hacks will cost more than $4.04 billion by 2025, with scams alone increasing 64% year-over-year. The company noted a move toward centralized exchanges and large organizations, which were responsible for 75% of stolen funds by 2025.
Meanwhile Web3 Antivirus put down the volume of illicit crypto activity in 2025 was approximately $158 billion, up from $64 billion in 2024. While the on-chain security provider attributed the increase partly to better tracking and more state-linked activity, the figures show that even small success rates for thieves can lead to large losses on a large scale.
You might also like:
The recent data thefts have exposed the gap between user and platform protection, with the company stating:
“Scams don’t succeed because users ignore advice; they succeed because risks are only revealed when execution is already possible.”
The company argued that platforms, which can see transaction approvals and behavior patterns before users do, are at “the last real checkpoint” to prevent theft.
One of the most common attack vectors is wallet stealers, Web3 Antivirus declared had gotten even worse, with 15,530 suspicious approvals across 11,908 wallets, leading to $4.25 million in losses in January. These scammers typically enter through malicious transaction approvals, making pre-signature detection extremely important.
SECRET PARTNERSHIP BONUS for CryptoPotato readers: Use this link to register and unlock $1,500 in exclusive BingX Exchange rewards (limited time offer).
#Binance #users #note #massive #malware #dataset #reveals #accounts