An alarming new trend has emerged within the cryptocurrency community. Sellers are allegedly dealing in highly sensitive information relating to attendees of various blockchain industry events, which could create a profitable opportunity for scam artists. These lists are supposedly comprised of key private details such as full names, phone numbers, job titles, social media handles, wallet addresses, and more.
Typically, this kind of data is gathered via registration forms for conferences or associated events, with ticketing platforms often demanding links to certain social media accounts. A recent acquisition of similar lists featured four compilations, each filled with information from about 60 to 100 participants originating from various events.
These events appear to have taken place predominantly in the fall of 2024, with a sizeable number located in Southeast Asia and India according to the attendee phone numbers. This globalized list suggests a more organized, international trade in data from blockchain event attendees, rather than isolated instances.
Further evidence of this worrying trend is an alleged list of about 1,700 participants from the AIBC conference held in Malta, in November 2024. Initially priced at $4,000, and limited in distribution, the list’s cost subsequently dropped to $650 following a few days. The seller intends to reinvest proceeds from the sale into acquiring extra lists from other events.
Our investigation indicates that the seller could be reselling the data and is possibly of Russian origin, as suggested by a fragment of the sample data and an AI analysis of their writing. Despite the concerning implications of these sales, the seller maintains that the data is not sensitive and is merely a tool for marketing purposes.
Potential risks from these sets are significant as malevolent actors could use the data to exploit those listed through social engineering scams, phishing attempts, or spreading malicious links. AIBC founder, Eman Pulis, has been contacted about the issue and encourages attendees to be mindful of sharing personal data online. He reassures the public that his event has strict protocols against data breaches and cautions against fraudulent databases.