- Hacker claims to access KodexGlobal platform to request user data from tech/crypto companies by posing as law enforcement
- Hacker selling KodexGlobal account access on hacker forum for $5k total or $300 per fake emergency data request
- Hacker likely obtained access by exploiting compromised law enforcement credentials from malware infections, according to cybersecurity firm
Exploiting a Critical Communication Channel
The hacker’s alleged access to KodexGlobal enables them to fabricate legal justifications for obtaining sensitive user information from companies. The targeted entities span various sectors, including social networking services like LinkedIn and Discord, dating app Tinder, and notable names in the cryptocurrency industry such as Binance, Coinbase, and Chainlink. Even SendGrid, a prominent email delivery service, is not spared from these potentially fraudulent data requests.
A Lucrative Scheme Unveiled
The gravity of this situation is further compounded by reports from the cybersecurity firm Hudson Rock, revealing that the hacker is commercializing this unauthorized access. The going rate on a hacker forum is pegged at $5,000 for complete account access or $300 for each emergency data request, turning this security loophole into a profitable venture.
Tracing the Source of the Breach
The hacker is believed to have obtained this privileged access by exploiting compromised law enforcement credentials, likely compromised through malware infections. Hudson Rock’s investigations have unearthed over fifty instances of law enforcement logins to Google services being compromised in this manner.
Previous Activity
In December 2022, a similar case occurred, with access to Binance’s law enforcement portal being sold through KodexGlobal. While KodexGlobal claimed it was a scam, Binance confirmed awareness of the unauthorized access.
Securing User Data
In response to the report, Binance stated they have processes to safeguard user data and monitor for compromised accounts.
The potential abuse of this system is concerning, as it could lead to identity theft, extortion, and other issues, especially for crypto users.