A threat actor operating under the alias 0xBlade is claiming to have full access to the database of Dtunes.ng, a Nigerian platform popular for trading gift cards and cryptocurrency. The threat actor claims the sale is a one-time sale to a single buyer only, with no data splits.
The sample shared on the dark web forum includes user names, emails, and transaction timestamps. Given the platform’s nature, facilitating informal crypto trades for cash, the data could be leveraged by cybercriminals for spear-phishing, targeted scams, or even extortion schemes.
This breach once again highlights the persistent risks to platforms operating in Nigeria’s fast-growing but often under-regulated crypto sector. Users of DTunes.ng should monitor their inboxes for phishing attempts and consider updating their passwords on any services tied to their email accounts.