Unverified Dark Web Claims Allege Access to Kraken’s Internal Support Panel

  • A dark web posting claims that read-only access to Kraken’s internal admin/support panel is being sold.
  • If genuine, the access might expose user profiles, KYC documents, and support capabilities, creating potential data security and phishing risks.

Kraken is again at the centre of fresh online claims that access to its internal support or administrative panel is being sold on dark web forums for as little as $1. According to Dark Web Informer’s X post, one listing is apparently offering read-only access that could expose user profiles, transaction histories, and full KYC documents, including identity cards, selfies, proof of address, and declared sources of funds.

The access is reportedly good for one to two months until authentication rotation and is set to expire around February. It is said to be proxied through their own infrastructure with no IP restrictions and to include additional functionality such as creating support tickets, which could potentially be used for phishing attacks and to obtain further private data.

However, the listing has not been shown to be legitimate, and Kraken has neither acknowledged nor shown signs of unauthorized entry to its internal systems. The exchange has not officially commented on these dark web allegations. This leaves room to question whether the listing is a misleading advertisement or one intended to cause concern.

Potential Security Risks and Industry Context

Even if the access is termed “read-only,” this level of access poses apparent risks. Kraken’s own security analysts have highlighted this as a risk, since anyone holding such access could view customer information and various support dashboards, which could enable social engineering. Using actual transaction information and/or KYC information, an individual might pose as a Kraken agent communicating with a user and ask them to send money to a wallet under the attacker’s control.

This comes against a backdrop of data breaches on various cryptocurrency platforms, as well as dark web operations. Various cases in recent years have exposed the personal information and account details of millions of cryptocurrency traders on the dark web. This notwithstanding, it should be noted that these cases were related to the Kraken situation and serve to illustrate the wider operating context for cryptocurrency platforms.

Kraken, for its part, has stated that its “overall approach to cybersecurity is multi-layered, with a set of ‘insider protection mechanisms’ which reduce unnecessary personnel access to our customers’ data and systems which are designed to alert us to unusual activity on our systems and networks.” The mechanisms are aimed at “anticipating and preventing unauthorized system activity,” although specifics about panel access are limited.

Although the dark web listing for access to Kraken’s support panel raises some worrying signals, the lack of third-party evidence or any acknowledgment from Kraken means all of this information remains unverified. Supposing the information is correct, read-only data access may still carry critical social engineering and privacy risks. It is a clear sign of the perpetual tension between data exposure on centralized markets and the need for better data control and continuous observation. It also serves as a warning to all exchanges and users about perpetual dark web marketplace threats and the need for proactive defense actions.


Source: https://thenewscrypto.com/unverified-dark-web-claims-allege-access-to-krakens-internal-support-panel/