A malicious actor claims to have a “KodexGlobal” account used to issue emergency data requests (EDRs) to crypto and social media platforms.
Binance has denied allegations of a recent data breach, saying that user accounts remain secure.
Earlier, a hacker claimed to have gained access to a law enforcement request account named “KodexGlobal,” purportedly enabling the subpoena of user information from various firms, including Coinbase, Binance, and Chainlink.
Binance Refutes Data Leak Claims
In a recent blog update on February 4, Hudson Rock, a cybercrime solutions provider, reported that a hacker is offering access to a law enforcement request system account on BreachForums for $5,000 or $300 per emergency data request (EDR).
The perpetrator claims to be capable of making EDRs for various services, including LinkedIn, Discord, Tinder, Binance, Coinbase, Chainlink, SendGrid, and others.
The hacker is believed to have gained entry into law enforcement systems by exploiting credentials acquired from infostealer infections, often originating from compromised computers owned by law enforcement officers.
Hudson Rock’s researchers have identified over 50 credentials for Google’s law enforcement system stemming from various infostealer infections.
Following these events, a user named “otteroooo” claimed that Binance users’ Know Your Customer (KYC) data was being offered for sale on a dark web marketplace, seemingly linked to the GitHub leak.
A Binance spokesperson, recognizing the potential for compromised law enforcement accounts, assured that the platform employs a comprehensive documentation process and maintains continuous monitoring for any signs of compromised accounts.
Binance’s Credentials Allegedly Compromised
In December 2023, Hudson Rock reported a hacker attempting to sell access to Binance’s law enforcement portal through KodexGlobal. The firm shared a screenshot depicting three computers allegedly infected during global malware campaigns in 2023, leading to compromised credentials.
The logins shown in the image, providing access to Binance’s login panel, were linked to law enforcement officers in Taiwan, Uganda, and the Philippines. While KodexGlobal dismissed it as a “scam,” Binance acknowledged awareness of such access, though they did not confirm any system breaches, user data compromises, or crypto thefts at that time.
Meanwhile, last year in November, a hacker managed to steal $27 million worth of Tether (USDT) from a wallet associated with the Binance deployer.
The funds were converted into Ether (ETH) before being transferred to two exchanges and routed to Bitcoin (BTC) through the THORChain bridge. Meanwhile, the victim’s wallet received Ether from two distinct wallets linked to the Binance deployer in 2019.