Prices depend on the balance, age of the account, and 2FA protection.

Hackers have built a market for reselling stolen crypto data

29.12.2025 - 11:05

475

3 min

Key points:

  • Crypto accounts stolen through phishing are being sold en masse on the dark web and Telegram at an average price of around $105.
  • Hackers use bots and admin panels to collect, verify, and resell data, turning phishing into a full-fledged business.

Stolen accounts of crypto service users are being sold en masse on the dark web for an average of $105 each. This data is obtained through phishing attacks and becomes the starting point for a whole chain of cybercriminal services.

According to SecureList, the cost of a single crypto account can vary from $60 to $400 depending on its quality. Hackers either sell the data immediately or store it in databases for further use. It all depends on what kind of credentials they managed to get.

How phishing data gets to hackers and the market

After you enter your info on fake sites, it gets to the bad guys in a few ways: by email, through Telegram bots, or using special admin panels. To cover their tracks, phishing schemes often use legitimate services such as Google Forms, Microsoft Forms, GitHub, or Discord.

Mailing stolen data is gradually becoming a thing of the past: it is slow, easily blocked, and does not scale well. It has been replaced by Telegram bots, which instantly send information to operators and leave virtually no traces.

More advanced groups use administrative panels. They automatically collect data into databases, display statistics by country and time of attack, check the functionality of accounts, and prepare them for resale. Such tools are considered standard for large phishing operations.

What happens to stolen crypto data

Access to crypto exchanges, wallets, and fiat deposit services is particularly valuable. Accounts with one-time codes or linked to payments are often sold immediately, while the rest of the data is saved for future attacks.

Phone numbers are used for SMS fraud and bypassing two-factor authentication, while personal data is used for social engineering. Documents, selfies, and biometrics are used in more risky schemes.

Wave of crypto wallet hacks: how to protect your assets from AI and hackers

Wave of crypto wallet hacks: how to protect your assets from AI and hackers

In 2025, attacks on cryptocurrency wallets became significantly more frequent. Attackers use a huge array of tools to bypass security mechanisms

Читать дальше

Mass resale begins with so-called dumps — archives with millions of records that intermediaries can buy for as little as $50. The data is then cleaned, checked by automated scripts, and combined into profiles.

Ready-made and verified credentials are sold on dark web forums and Telegram channels, where prices are listed, and reviews are published. The cost depends on the age of the account, balance, linked payments, and the presence of 2FA.

Kaspersky Lab analysts note that almost 89% of phishing attacks are aimed specifically at stealing logins and passwords. Stolen crypto data remains a valuable asset for criminals for years and can lead to major hacks even long after the user’s initial mistake.

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy