Reportedly, the hacker is providing access to KodexGlobal’s emergency data requests (EDRs) for $5,000 in total or $300 per request, facilitating the retrieval of private user information.
A hacker claims to be selling access to a law enforcement request portal that could be exploited to gather sensitive user data from prominent technology and cryptocurrency companies such as Binance, Coinbase and Chainlink, among others. According to a Hudson Rock report, the threat actor is marketing access to “KodexGlobal,” a law enforcement request account that gives its holder fraudulent subpoena privileges to solicit private user data under the guise of official law enforcement processes. The hacker allegedly offers this access for a total of $5,000 or $300 per emergency data request (EDR).
The KodexGlobal platform functions as an intermediary for law enforcement agencies and regulators, ostensibly offering a secure environment for their procedures. However, if access to this platform is illicitly sold to a buyer on the dark web, it opens the door to the illegal acquisition of personal user data from companies behind the façade of legitimacy surrounding the requests.
Such misuse could result in identity theft, extortion, and financial fraud targeting cryptocurrency users, as well as users of other platforms such as LinkedIn, Tinder, and Discord, among others.
Hudson Rock, the cybercrime intelligence firm that investigated the recent MailerLite hack, which resulted in over $500,000 being drained from crypto wallets, said it had discovered “over 50 different sets of credentials” from KodexGlobal.
Furthermore, Hudson Rock reported a similar offering in December 2023 for access to Binance’s law enforcement portal through KodexGlobal. This was before a recent GitHub code leak involving Binance; the exchange stated that the risks from the leak were “negligible” and posed no substantial threat to platform security and usability.
Responding to the recent report on KodexGlobal access being peddled on the dark web, a Binance spokesperson remarked that Hudson Rock’s findings “do not represent a breach” of Binance’s internal systems. As for Coinbase and Chainlink, they have not released official statements addressing the matter.