Infostealer Infection Results in Data Breach of Blockchain Identity Platform, Fractal ID

On July 14th, 2024, blockchain identity platform Fractal ID suffered a data breach that exposed sensitive KYC data of over 55,000 individuals online.

Fractal ID acknowledged the breach on July 17th:

Fractal ID’s acknowledgement tweet

The severity of this data leak should not be underestimated, as it includes the following set of sensitive details on the impacted individuals:

users’ names, email addresses, digital wallet addresses, physical addresses, phone numbers, facial images and uploaded photos of documents like passports and driver’s licenses.

The data was listed for sale on the infamous cybercrime forum BreachForums on July 18th:

The thread posted by the threat actor, offering to sell sensitive data from Fractal ID’s platform

Following the incident, blockchain investigator ZachXBT shared additional details about the hacker's infiltration method:

Identity of Fractal ID’s employee (https://x.com/zachxbt/status/1814654805908070702)

Infostealer Infection of Fractal ID’s Employee

Hudson Rock researchers were able to determine that the abovementioned employee had their computer infected by Raccoon Infostealer on September 9th, 2022, resulting in over 500 credentials being stolen from the computer.

Among them were many corporate credentials relating to Fractal.id:

Data from the infected employee from Hudson Rock’s platform, Cavalier

While the computer was infected back in 2022, it appears the victim did not change their password, enabling the hackers to infiltrate an account and initiate the hack.

The data from the identified computer appears to be aligned with the claims of the hacker and stands as a reminder that Infostealers often aid hackers in obtaining the initial access that leads to significant data breaches.
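As an added example (not Hudson Rock's or Fractal ID's code), the following Python shows the check that closes the gap described above: it cross-references infostealer exposure records against each account's last password change and flags corporate credentials that were never rotated after the infection. The domain, accounts, and record layout are constructed assumptions; only the September 9th, 2022 infection date comes from this article.

```python
from datetime import date
from urllib.parse import urlsplit

CORP_DOMAIN = "example-corp.test"  # placeholder domain, not from the article

# Constructed exposure records: (login, url, infection_date).
EXPOSURES = [
    ("alice@example-corp.test", "https://admin.example-corp.test/login", date(2022, 9, 9)),
    ("bob@example-corp.test", "https://mail.example-corp.test/", date(2022, 9, 9)),
    ("carol@mail.test", "https://notexample-corp.test/login", date(2022, 9, 9)),
    ("dave", "vpn.example-corp.test/portal", date(2022, 9, 9)),  # no scheme, no email
]

# Constructed directory export: login -> date of last password change.
LAST_CHANGE = {
    "alice@example-corp.test": date(2021, 3, 1),   # never rotated after infection
    "bob@example-corp.test": date(2022, 10, 1),    # rotated after infection
}

def is_corporate(login, url, domain):
    """True if the credential targets a corporate host or uses a corporate mailbox."""
    # Stealer logs often store URLs without a scheme; "//" makes urlsplit see a host.
    host = (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()
    on_corp_host = host == domain or host.endswith("." + domain)
    return on_corp_host or login.lower().endswith("@" + domain)

def stale_exposures(exposures, last_change, domain):
    """Return corporate credentials not rotated since the infection date."""
    findings = []
    for login, url, infected_on in exposures:
        if not is_corporate(login, url, domain):
            continue
        changed = last_change.get(login.lower())
        # Unknown change date, or a change on/before infection day, counts as exposed.
        if changed is None or changed <= infected_on:
            findings.append((login, url, infected_on, changed))
    return findings

if __name__ == "__main__":
    for login, url, infected_on, changed in stale_exposures(EXPOSURES, LAST_CHANGE, CORP_DOMAIN):
        print(f"ROTATE NOW: {login} @ {url} (infected {infected_on}, last change {changed})")
```

Accounts with no recorded password change are flagged rather than skipped, since an unknown rotation date cannot be assumed safe.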

As Infostealers continue to evolve and become more sophisticated, organizations must remain vigilant and adopt robust cybersecurity measures. Infostealers represent a new era in cyber threats, one that requires adaptive strategies and proactive defense mechanisms to protect sensitive information and maintain cybersecurity.

To learn more about how Hudson Rock protects companies from imminent intrusions caused by info-stealer infections of employees, partners, and users, as well as how we enrich existing cybersecurity solutions with our cybercrime intelligence API, please schedule a call with us, here: https://www.hudsonrock.com/schedule-demo

We also provide access to various free cybercrime intelligence tools that you can find here: www.hudsonrock.com/free-tools

Thanks for reading, Rock Hudson Rock!
