Kraken Exchange Faces Extortion After Insider Recorded System Footage
Kraken Exchange Faces Extortion 🚨
A US-based cryptocurrency exchange, Kraken, is currently battling a ransom demand from unidentified hackers following two separate security incidents. These hackers are leveraging stolen video recordings of internal customer management systems, but Kraken has firmly stated that it will not negotiate or pay the attackers.
In February 2025, Kraken initiated an internal investigation after being alerted about a video circulating on a criminal forum. Security teams discovered that the individual behind the video was a member of the exchange’s own support staff. Although the company blocked their access and implemented new security measures, the risk persisted. Recently, a second incident occurred involving a similar video, revealing another case of a support team member misusing their access. In total, hackers may have accessed the data of approximately 2,000 accounts—representing 0.02% of all Kraken users. While the company asserts that no full system penetration occurred, these stolen videos are now the primary tool for the extortion attempt.
Kraken is collaborating with federal law enforcement agencies across several countries. Nick Percoco, the exchange’s Chief Security Officer, emphasized that there is sufficient evidence to identify and apprehend those responsible. The company is also partnering with other firms to thwart insider recruitment efforts, as these campaigns often target employees in the crypto, gaming, and telecommunications sectors. In a detailed security update on X.com, Percoco clarified that the company’s systems were never breached and that funds were never at risk. He reiterated that Kraken will never negotiate with bad actors and is continuously enhancing its security measures to combat these emerging global threats. Kraken has already reached out to anyone who might have been affected.
Eliwood, a notable Cyber Threat Intelligence (CTI) expert, described this incident as a classic example of an insider threat. He noted that even though the first staff member was caught a year ago, the stolen data continues to pose a problem today. This situation highlights how employee involvement in data theft can create long-term risks for any business. Other major crypto platforms have faced similar insider threats. As reported by Hackread.com in May 2025, Coinbase encountered a $20 million ransom demand after a breach affecting 70,000 users, but it refused to pay and instead offered the same amount as a reward for information on the attackers. In that incident, hackers bribed offshore workers to access customer records.