Millions of Accounts from 11 Hacked Bitcoin Forums Being Sold on Dark Web

A famous Dark Web vendor known by their handle of “DoubleFlag” is selling databases of eleven Bitcoin forums on a popular dark web marketplace. The databases were stolen between 2011 to 2017 from widely visited forums providing information about Bitcoin mining and trading.

The combined number of data stolen from these forums is more than 12,000,000 including 536,727accounts from which suffered a data breach in January 2017, 514,409 accounts from forum which was hacked in May 2015, 568,357 stolen from back in October 2014, 21,439 accounts from which was hacked in January 2014, 21,439 accounts from which was also hacked in January 2014.

3,153 which was breached in September 2014,1,780 accounts stolen back in March 2014, 28,298 accounts stolen in January 2014, 61,011 stolen in June 2011, 34,513 (breach date unknown) 10,855,376 BitcoinSec from 2014 breach and 3,149 accounts from (breach date unknown).

More: 21 Million Decrypted Gmail, 5 Million Yahoo Accounts Being Sold on Dark Web

Listing details uploaded by the vendor himself.

Most of the accounts contain a username, email address, personal text number, gender, date of birth, website title and URL, location and password. In some cases, the passwords have been decrypted while some are using SHA1 hash which is easy to decrypt since Google security researchers have already broken the SHA-1 web security tool last month.

The price set for this data is USD 400 (BTC 0.3817)

It must be noted that and are two of the most important bitcoin related platforms having their data sold on the dark web since 2016 by several other vendors. However, we are not sure about rest of the platforms. Either way, if you have an account on any of the forums mentioned above change your password asap. Also, some of the forums discussed aren’t active anymore; therefore, the relevance of their data is out of the question.

More: Dark Web Suffers After Anonymous Hacked Firm Hosting Child Porn Sites

Previously, DoubleFlag was selling millions of “U.S. Cellular” customers data and 1 billion accounts stolen from Chinese Internet Giants. His feedback ratings have been positive throughout which means the vendor has been selling legit data to buyers.

DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.


Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.