A hacker has allegedly gained access to a law enforcement request account named “KodexGlobal”, which allows them to issue emergency data requests (EDRs) for user information from various platforms, including LinkedIn, Discord, Tinder, Binance, Coinbase, Chainlink, and more. The hacker is selling the account for $5,000 or $300 per EDR on BreachForums, a hacker forum.

How did the hacker get access to KodexGlobal?

KodexGlobal is a platform used for secure communications between law enforcement agencies and regulators. Hackers with access to such an account could request personal data about a platform’s users by falsely claiming legal reasons for the request. The abuse of the system could lead to identity theft, extortion, and financial loss for users, especially those holding crypto assets.

According to Hudson Rock, a cybercrime solutions provider, the hacker “very likely” gained access to law enforcement systems by exploiting credentials obtained from infostealer infections. Such credentials are often harvested from compromised computers owned by law enforcement officers.

“Today, Hudson Rock researchers identified over 50 different sets of credentials for Google’s law enforcement system from various Infostealer infections,” said Hudson Rock in a blog post.

Is this the first time KodexGlobal has been compromised?

This is not the first time that KodexGlobal has been targeted by hackers. In December 2023, Hudson Rock reported that a hacker was attempting to sell access to Binance’s law enforcement portal through KodexGlobal. Hudson Rock posted a screenshot showing three computers reportedly infected by global malware-spreading campaigns in 2023, resulting in compromised credentials. The three logins shown in the image with access to Binance’s login panel appeared to belong to compromised law enforcement officers in Taiwan, Uganda, and the Philippines.

However, Hudson Rock did not confirm any breach of Binance systems or user data, or any crypto thefts. At the time, KodexGlobal reportedly dismissed it as a “scam”, though Binance reportedly confirmed they were aware of “such access”, according to the firm.

What are the implications of this hack?

This hack exposes the vulnerability of law enforcement systems and the potential risks for users of various platforms, especially those dealing with crypto assets. Hackers could use the user data to launch phishing attacks, blackmail users, or steal their funds. Users are advised to be vigilant and protect their online accounts with strong passwords, two-factor authentication, and encryption.

Hudson Rock also urged law enforcement agencies to improve their security measures and prevent unauthorized access to their systems. “Law enforcement agencies should take immediate action to secure their systems and prevent further abuse of their access to user data,” said Hudson Rock.
