The hacker that claims to have stolen thousands of KYC documents from Binance has released more photos in a new telegram group set up today. This puts more pressure on the exchange, which has tried to distance itself from the issue, to do something about it or admit that it was at fault.
The latest documents were posted in a telegram group this morning, UTC time, advertised via the hacker’s twitter account. They feature KYC documents, including driving licences, passports and even fingerprints. He or she continues to demand 300 bitcoins ($3.6 million).
Binance made a statement yesterday that it would not give into the hacker’s demands, putting out a reward to find information about him or her.
The documents revealed in the past few days appear to be the same haul of documents that first originated in January, this year. At the time, a darknet hacker—known as ExploitDOT—produced a document containing twenty-six links to screenshots of KYC documents purporting to be part of a haul of thousands from various exchanges.
The issue was brought back to life this week when the hacker started publishing hundreds of documents in various telegram channels. However, Binance maintains that the images are lacking a hidden digital watermark which would show they were stolen directly from the exchange itself.
According to Coindesk, the data may have been taken during Binance’s first hack, in May, this year, which saw 7,000 bitcoin stolen—and other personal data. However, all of the data so far released has been dated February 2018, suggesting this was not the case.
Coindesk engaged in discussions with the hacker for a month, in which he or she flipped between ransoming Binance for money and claiming to be a white hat hacker. This is consistent with ExploitDOT (the name given to the hacker earlier this year) who also switched between wanting large amounts of money and trying to appear altruistic, hoping the documents could be sold in such a way that would not see them used for illegitimate reasons.
In a series of Tweets, the hacker claimed that Binance could have prevented this leak, but didn’t. He or she also added that it is not about money. But, after asking for 300 bitcoins, this is hardly believable.
Update: [August 8, 12:51 UTC] It appears the "hacker" demanding 500 ETH was an impersonator. We regret the error.