A major data breach has struck Valens Bank, an offshore financial institution, as a hacker group known as "Weyhro" claims to have compromised the bank's entire digital infrastructure and cryptocurrency operations. The attack reportedly resulted in a massive 37GB data leak exposing sensitive customer information and internal systems.
The breach, posted on March 28 on a private Russian cybercrime forum, allegedly gave attackers complete access to Valens Bank's core systems, including their cryptocurrency exchange platform, payment processing, and customer databases. "They still don't know how deep this goes," the hacker stated, claiming to have obtained root-level access across the organization.
The leaked data reportedly contains:
- Over 400,000 customer records and financial details
- Cryptographic keys for wallet management
- Complete source code for payment and exchange platforms
- International wire transfer logs
- Authentication and security systems
Of particular concern, the attacker shared detailed technical information about how they bypassed the bank's encryption, claiming to have exploited weaknesses in the TripleDES implementation used to secure private crypto wallet keys. This vulnerability potentially allows unauthorized access to customer funds.
Valens Bank, which markets itself as a "frontier digital bank," operates primarily from the Comoros Islands and South Africa, offering blockchain-based financial services and multi-currency accounts. The breach appears to have impacted their operations across multiple countries, including systems in Canada, the UK, and other European locations.
The hacker distributed the stolen data through .onion domains on the dark web, providing a comprehensive index of the compromised files organized in directories labeled "DB," "Git," and "S3."
This incident raises serious questions about the security practices of offshore digital banking institutions and highlights the growing sophistication of cyber attacks targeting cryptocurrency operations.
Bank officials have not yet publicly responded to these claims as investigations continue.