Key takeaways:
- Hacker offers access to subpoena user data via KodexGlobal for $5,000 or $300 per emergency data request (EDR).
- Alleged sale raises concerns over unauthorized access to private user information on major platforms.
In a concerning development for digital security, reports have emerged of a hacker claiming access to a law enforcement request account dubbed “KodexGlobal.”
This access purportedly enables the hacker to subpoena user information from prominent platforms such as Coinbase, Binance, Chainlink, and others.
According to cybersecurity firm Hudson Rock, the hacker is advertising their illicit access on the cybercrime forum BreachForums. The hacker is offering access to the law enforcement request system account for $5,000 or $300 per emergency data request (EDR), presenting a significant threat to user privacy and security.
The hacker, operating under the alias “Tamagami,” has outlined various options to monetize the account, including one-time requests priced at $500 and complete access to the account at a negotiable price.
This illicit activity poses severe risks to individuals, as emergency data requests executed under false pretenses could lead to identity theft, extortion, and substantial financial losses, particularly for those with cryptocurrency assets.
Hudson Rock has suggested that the hacker likely exploited credentials obtained through Infostealer Infections, a method where malware acquires sensitive information from compromised computers, potentially including those owned by law enforcement officers.
The firm has identified over 50 different credentials for Google’s law enforcement system compromised through such infections, highlighting the widespread nature of the security breach.
This alarming trend of threat actors gaining access to law enforcement systems of major organizations underscores the vulnerabilities in digital security frameworks. The abuse of such access often results in dire consequences for users, including identity theft and financial harm.
Notably, this isn’t the first instance of a hacker offering access to a law enforcement portal. In December 2023, Hudson Rock reported a similar offering for access to Binance‘s law enforcement portal through KodexGlobal.
Despite a recent GitHub code leak involving Binance, the exchange has downplayed the risks, stating that they are “negligible” and do not pose a substantial threat to their platform-level security and usability.
However, the revelation of a hacker’s claim to access KodexGlobal and potentially subpoena user information without proper authorization serves as a stark reminder of the vulnerabilities in digital security.
It underscores the importance of heightened awareness and cooperation among all stakeholders in the digital ecosystem to mitigate such threats and safeguard user data effectively.
