Hacker claims to have a way to ‘request’ user information from Discord, Binance, Coinbase
An online hacker said they had access to a “KodexGlobal” account, an account on a law enforcement request system that allowed buyers to buy user data from Coinbase, Binance, Chainlink and other firms.
According to a blog post updated on February 4, cybercrime solutions provider Hudson Rock reported that the hacker was selling a law enforcement request system account on BreachForums for $5,000, or an emergency data request (EDR) for $300.
The services the hacker claims to be able to send EDRs to include LinkedIn, Discord, Tinder, Binance, Coinbase, Chainlink, SendGrid and many others. Speaking to Cointelegraph, a Binance spokesperson clarified that the blog's findings do not represent a breach of Binance's system. Although the findings include suspected law enforcement accounts, the spokesperson said:
“We are committed to protecting user information from any unauthorized access with a thorough documentation process and constant monitoring for compromised accounts.”
KodexGlobal is a platform for secure communication between law enforcement agencies and regulators. Hackers with access to the platform may request personal information about the company's users by falsely claiming legitimate reasons for the request.
He pointed out that abuse of the system could lead to identity theft, embezzlement and financial loss to users, especially those who hold crypto assets.
KodexGlobal has reached out to Cointelegraph for comment.
According to Hudson Rock, it is “very likely” that the hacker was able to gain access to law enforcement systems using data obtained from infostealer infections. These are usually found on computers owned by law enforcement.
“Today, Hudson Rock researchers have identified more than 50 different certificates from various infostealer infections for Google's law enforcement system,” Hudson Rock said.
New blog post:
Breaking Google, TikTok and Meta Law Enforcement Systems Due to Infostealer Infections https://t.co/PS2t0ZuNif
— Hudson Rock (@RockHudsonRock) January 31, 2024
In December 2023, the firm reported that a hacker was attempting to sell Binance's law enforcement portal via KodexGlobal.
In 2023, he released screenshots showing three computers seized by global malware-distribution campaigns as evidence of the compromise.
The three logins in the image appeared to belong to law enforcement officers in Taiwan, Uganda and the Philippines using Binance's login panel. However, Binance has not confirmed any system breaches or thefts of user data or crypto.
At that time, KodexGlobal rejected it as a “scam”, although Binance confirmed that they were aware of “such an access”, according to the company.
In a separate incident, Binance recently denied reports that “highly sensitive” internal passwords and code caches were exposed on GitHub for months.
Our security team has reviewed this – while doing all the possible risks – and confirmed that there is no such flow from Binance's systems. User accounts remain secure.
Accounts are protected by multiple safeguards including MFA, biometrics, authenticators, etc.
As always we…
— Binance Customer Support (@BinanceHelpDesk) February 4, 2024