Hacker Claims to Have Accessed Law Enforcement System Used by Binance and Coinbase


A hacker claims to have accessed a law enforcement system used by clients including crypto exchanges Coinbase and Binance.

But none of the parties involved—the security firm that reported it, the company that’s supposedly been compromised, or the crypto exchanges at risk—seem to agree on whether to take the hacker’s threat seriously.

Cybercrime intelligence firm Hudson Rock published the claims on its InfoStealers blog, noting that a threat actor with the handle “Tamagami” claimed to have accessed law enforcement systems including Kodex. That’s the system used to handle subpoena requests for companies including Chainlink, Coinbase and Binance.

The hacker offered to sell access to the account for $5,000, along with individual subpoena requests for $300. If any of the hacker’s claims are legit, then someone who bought the ill-gotten credentials could use them to impersonate law enforcement and subpoena a whole host of sensitive data related to crypto exchange users.

Hudson Rock CTO Alon Gal told Decrypt that while it’s “hard to validate Tamagami’s claims,” they had also claimed to have accessed Google and Meta’s law enforcement systems and provided “what appears to be genuine images from the platforms.” He added that the user had around 250 reputation points on the cybercrime forum, “indicating that users vouch for their legitimacy.”

Hudson Rock additionally claimed to have identified more than 50 different sets of credentials for Google’s law enforcement system from a variety of infostealer infections, with Gal noting that hackers purporting to sell access to law enforcement systems is a known threat vector rather than an isolated incident.

“The reported illicit sale of access to the Law Enforcement Request Portal does not represent a breach of Binance’s system,” a Binance spokesperson told Decrypt. “Instead, it may involve compromised law enforcement accounts.”

They added: “With a thorough documentation process in place and constant monitoring for any compromised accounts, we remain committed to safeguarding our user data against any form of unauthorized access.”

A spokesperson for Kodex disputed the claims in a statement emailed to Decrypt, noting that “folks are confusing access to the Kodex platform as access to its functionality,” and that the screenshots advertised from hacker forums and Telegram channels “only show incomplete processes—no evidence that a request was actually sent or that any data was actually returned.”

A screenshot of a cybercrime forum post by ‘Tamagami’. Image: Hudson Rock

The spokesperson added that the firm operates under the assumption that simply having access to a law enforcement email address is insufficient verification, and that the firm monitors account behavior for suspicious activity.

“Multiple flags were tripped in our system to suspend the account before any requests were sent,” the spokesperson said in an email, adding that every account associated with a flagged email domain is suspended until reverified by Kodex’s team. “Emergency Data Requests (EDRs) go through additional layers of verification and this account was never authorized,” they said.

Edited by Stacy Elliott.
