A hacker claims to have a “KodexGlobal” account allowing them to issue Emergency Data Requests (EDR) to some major crypto firms.

According to Hudson Rock’s report, the hacker is now offering $5000 or $300 per Emergency Data Request (EDR) in exchange for access to “KodexGlobal” a law enforcement request portal that allows harvesting sensitive user data. The hacker claims to have made EDRs for Binance, Coinbase, Chainlink, LinkedIn, Discord, Tinder, and many others.

The report also stated that the hacker must have gained access to law enforcement systems by exploiting credentials obtained from Infostealer Infections. These are often gained by compromised computers owned by law enforcement officers. 

The KodexGlobal platform uses an interface for law enforcement agencies and regulators, providing a supposed secure space for such procedures. The supposed access to the platform is sold to a buyer from the dark web. As a result, personal user data from a company can be obtained illegally despite the ruse of a legal framework behind the request. If abused, this may result in extortion, identity theft, and financial fraud that targets crypto users and other platform users. 

Hudson Rock, a cybercrime intelligence firm also investigated the recent MailerLite hack – an attack that resulted in over $500,000 in stolen funds and identified over 50 different sets of credentials from KodexGlobal. The firm also reported a similar case where Binance’s law enforcement portal was being sold through KodexGlobal.

After an X post claimed that Binance user data was available on GitHub, the company reassured that there are no leaks in the platform’s system and that user accounts remain secure.