7 months ago
29 ARTICLE AD
The hacker allegedly offers $5,000 (total) or $300 per emergency data request (EDR) from KodexGlobal to access and request private user data.
A hacker claims to be selling access to a law enforcement request portal that can be abused to harvest sensitive user data from major tech and crypto firms like Binance, Coinbase, Chainlink, and others.
According to a report from Hudson Rock, the threat actor is offering to sell access to “KodexGlobal,” a law enforcement request account that can provide fraudulent subpoena access and request private user data in the guise of a law enforcement procedure. The hacker allegedly offers $5,000 (total) or $300 per emergency data request (EDR).
The KodexGlobal platform operates as an interface for law enforcement agencies and regulators, providing an ostensibly secure space for such procedures. Suppose access to such a platform is sold to a buyer from the dark web. In that case, personal user data from a company can be obtained illegally despite the ruse of a legal framework behind the request.
If abused, this could lead to identity theft, extortion, and financial fraud targeting crypto users, as well as users from other platforms such as LinkedIn, Tinder, Discord, and others.
Hudson Rock, the cybercrime intelligence firm that also investigated the recent MailerLite hack, which led to over $500,000 in funds drained from crypto wallets, said they identified “over 50 different sets of credentials” from KodexGlobal.
Hudson Rock also reported in December 2023 that a similar offering for access to Binance’s law enforcement portal was being sold through KodexGlobal. This was before a recent GitHub code leak involving Binance in which the exchange said that the risks from the leak were “negligible” and didn’t pose a substantial threat to its platform-level security and usability.
Commenting on the recent report about KodexGlobal access being sold off to the dark web, a Binance spokesperson said that Hudson Rock’s findings “do not represent a breach” of Binance’s internal systems. Coinbase and Chainlink have not issued official statements to address the issue.
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
