Trusted

Hacker Sells Stolen User Data from Razer Gaming Breach

2 mins
Updated by Geraint Price
Join our Trading Community on Telegram

In Brief

  • Hackers advertised user data from Singapore gaming company Razer for $100,000 worth of Monero online.
  • The breach allegedly involved 404,000 email addresses and a folder containing access keys linked to an in-game economy.
  • Razer has neither confirmed nor denied the hack's connection to a 2020 breach compromising personal shipping details.
  • promo

A hacker is selling user data they stole from Singapore gaming company Razer for 135,000 SGD worth of crypto on an online forum.

The gaming company confirmed the hack on Monday but did not deny or confirm a leak of 404,000 email addresses.

Hacker Steals and Sells User Rewards Wallet Data

The addresses were allegedly linked to an in-game economy that earned users rewards in digital wallets. Additionally, the hackers stole a folder zVault containing keys controlling access to these rewards. The attacker is selling the information on an online marketplace for $100,000 worth of Monero, the privacy coin.

Razer has not confirmed whether the hack was related to a 2020 breach that compromised personal shipping details. The Singapore High Court awarded Razer $6.5 million in damages after the gaming company sued its information technology vendor. A former Capgemini employee disabled security measures enabling hackers to gain unauthorized access to data.

Binance recently rescinded the use of privacy coins like Monero from being used in France. Unlike Bitcoin and Ethereum payments that require a client to sign purchases with a single private key to pay another entity, Monero uses a ring-signature scheme dependent on multiple users whose involvement obscures the source of funds.

Read here about Monero crypto wallets.

Europe’s Markets in Crypto-Assets bill, due to come into effect in 2024, forbids exchanges to list privacy coins. MiCA’s money laundering rules require exchanges to report users on both transaction ends.

Recently-gazetted regulations in Hong Kong and new proposals in Singapore prevent crypto exchanges from listing privacy coins.

US Treasury Sanctioned Service Anonymizing Stolen Funds

Last year, the US Treasury Department banned the Ethereum mixer Tornado Cash for its money laundering potential. The services commingle funds from multiple sources, making it impossible to trace the origin of stolen crypto.

Attackers wishing to avoid blacklisting by the operators of centralized cryptocurrencies often convert stolen funds to wrapped ERC-20 tokens. They then passed these tokens through Tornado Cash to scramble their identity.

All centralized exchanges under US jurisdiction may not interact with 44 cryptocurrency addresses linked with TornadoCash.

Attackers that stole $655 million from Axie Infinity’s Ronin Bridge hack in 2022 moved 21,000 ETH through Tornado Cash. The hack was one of the largest single attacks in the decentralized finance space.

Despite Singapore Razer data breach, the size and number of hacks have fallen  in 2023.
Hacks Fell Since Tornado Cash Sanctions | Source: TRM Labs

North Korean hackers have also used the service.

Got something to say about the Razer data breach or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTokFacebook, or Twitter.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David-Thomas.jpg
David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C...
READ FULL BIO
Sponsored
Sponsored