KodexGlobal is a secure network for communications between regulators and law enforcement agencies, but a "worrying trend" of hackers gaining access to KodexGlobal accounts is on the rise. Richard Patterson/flickr.com

KEY POINTS

  • Each emergency data request is priced between $300-$500
  • Hudson Rock warns the "worrying trend" gives threat actors the ability to have "legal" access to user info
  • A Binance spokesperson said the findings don't necessarily represent a breach of the exchange's system

A hacker has breached the law enforcement request systems of prominent tech firms such as Google, Meta, and TikTok, as well as major crypto exchanges like Binance, Coinbase, Chainlink, Discord, and Fintech, allowing buyers to subpoena user information.

Cybercrime solutions provider Hudson Rock revealed the claim on Sunday, noting that the hacker sells access to a KodexGlobal account on BreachForums.

The malicious actor asks between $300 and $500 per emergency data request (EDR) made on the law enforcement request system, which allows for secure communications between regulators and law enforcement agencies.

The actor, who goes by "Tamagami," promises that for $500, interested buyers can "subpoena any TikTok account and get your data within 8 hours." Tamagami accepts any type of crypto payment. For Meta data requests, the same $500 EDR fee applies. For account access, the hacker demands $5,000.

The cybercrime solutions provider estimates that the hacker may have gained access to the systems using various types of credentials, such as those of the Civil Police of Brazil, Mexico City's government, and Arkansas police.

"A worrying trend emerges as threat actors hack into the law enforcement systems of major organizations, gaining the ability to legally request personal details of users. This abuse often leads to identity thefts, extortion, and financial losses," Hudson Rock wrote.

Hudson Rock said KodexGlobal has dismissed the matter as a "scam," but Binance confirmed to the cybercrime intelligence solutions firm that "they were aware of such access."

A Binance spokesperson told Cointelegraph that Hudson Rock's findings do not necessarily represent a breach of the popular crypto exchange's system. "With a thorough documentation process in place and constant monitoring for any compromised accounts, we remain committed to safeguarding our user data against any form of unauthorized access," the spokesperson said.

The infostealer infection tracker previously revealed that a hacker was attempting to sell access to Binance's law enforcement info request portal through KodexGlobal.

In its December report, Hudson Rock said the hacker wrote on BreachForums that they are "selling access to a Binance Data Request Portal." The asking price for access is $10,000 in Bitcoin or Monero.

Hudson Rock recommends that organizations "take notice of this trend" and establish the necessary security protocols to ensure that only the authorized owners of accounts are allowed access to law enforcement systems.

This comes about a week after Ripple CEO Chris Larsen revealed that "there was unauthorized access" to some of his "personal XRP accounts." About an hour before Larsen's announcement, crypto security researcher ZachXBT said it appeared 213 million worth of Ripple-focused cryptocurrency XRP was stolen from a crypto wallet.

ZachXBT said the millions were already laundered across various crypto platforms and exchanges, including Binance, OKX and Kraken.