Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / coincentral /
Kraken Exchange Access Listed for Sale on Dark Web for Just $1: Report

Kraken Exchange Access Listed for Sale on Dark Web for Just $1: Report

Author:
coincentral
Published:
2026-01-02 12:04:09
20
3

Kraken Exchange Access Listed for Sale on Dark Web for Just $1: Report

Kraken exchange access is reportedly being sold on the dark web for a single dollar. The news highlights persistent security vulnerabilities in the crypto space.

Dark Web Marketplace

Underground forums are offering what appears to be stolen or compromised credentials for one of the world's largest cryptocurrency exchanges. The listing price—a symbolic $1—suggests the data is being widely distributed or is of questionable quality, though the mere existence of such an offer is alarming.

Security Implications

This incident underscores the constant targeting of crypto platforms by malicious actors. It serves as a stark reminder for users to employ robust security measures: unique passwords, two-factor authentication, and vigilance against phishing attempts. Exchanges, meanwhile, face relentless pressure to fortify their defenses.

The cynical finance jab? In traditional finance, they charge you $50 for a wire transfer; in crypto, someone might sell access to your entire portfolio for less than a cup of coffee. Progress.

While Kraken has built a reputation for security, this report is a wake-up call. The digital asset ecosystem's growth continues to attract both innovators and exploiters in equal measure.

TLDR

  • A dark web post claims access to Kraken’s admin panel with user data and full KYC.
  • The access is read-only but includes support ticket creation, with no IP limits.
  • Seller says access is routed internally and valid for 1–2 months with TOTP expiring Feb 2026.
  • Security experts warn of phishing risks if attackers impersonate support using real transaction info.

A dark web forum listing is circulating that allegedly offers access to a read-only admin panel of the Kraken cryptocurrency exchange for as little as $1. The post has drawn attention from cybersecurity analysts and exchange users alike. The access allegedly allows viewing of user profiles, full transaction histories, and Know Your Customer (KYC) documents.

These documents include government-issued IDs, selfies, proof of address, and source-of-funds files. The listing claims the access is proxied through Kraken’s internal systems and has no IP restrictions. The seller states that access remains valid for up to two months, and the time-based one-time password (TOTP) linked to the session is set to expire in February 2026.

Access Description Raises Alarms from Security Analysts

According to details shared by Dark Web Informer, the access is described as view-only but includes the ability to generate support tickets. This could potentially be used to impersonate staff or phish for more information from users. Some cybersecurity experts have flagged the sale as highly suspicious, while others caution that, if true, it could expose sensitive data of Kraken customers.

“This is a major data-exposure and phishing risk for Kraken customers,” one security professional was quoted as saying. Experts warn that even read-only access can lead to major threats when sensitive data is involved. Full access to user trading activity, wallet addresses, and deposit behavior could allow attackers to conduct highly targeted phishing campaigns, SIM swaps, or credential theft.

CIFER Security, an independent cybersecurity firm, warned that attackers could use support ticket tools to imitate legitimate staff. With access to real user data, it becomes easier to manipulate users into sharing credentials or making transfers. The firm added that such attacks could target high-value individuals or those with frequent transactions.

Admin Panels in Crypto Under Threat Again

Access to internal admin tools has been a repeated focus for threat actors in the cryptocurrency space. Exchanges such as Mt. Gox, Binance, KuCoin, Crypto.com, and FTX have all faced breaches targeting internal control systems.

These incidents have led to broader concerns about centralized platforms storing customer data in environments that may be exposed through compromised credentials, insider actions, or vendor vulnerabilities. Analysts believe that this alleged Kraken breach follows a similar pattern and reflects continued risks in platform design and access control.

What Kraken Users Are Advised to Do Now

CIFER Security recommends that Kraken users take extra precautions even before any official confirmation. Users are urged to enable hardware-based two-factor authentication, lock account settings, and whitelist specific withdrawal addresses. These steps can reduce risks of unauthorized account actions.

Additionally, users should be cautious about any emails or messages claiming to be from Kraken support. If attackers have access to transaction details, they may attempt to trick users using personalized information. Monitoring for SIM swap attempts and unexpected password resets is also advised.

Moving funds to new addresses not visible in transaction histories is also being suggested. Hardware wallets are a more secure option for users with large holdings. At the time of writing, Kraken has not issued an official statement. It is unknown whether this access was obtained through stolen credentials, insider involvement, or another method. Security experts are calling for the exchange to urgently audit admin panel activity, rotate access keys, and notify users if any exposure is confirmed.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2026 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.