A hacker is claiming to have obtained access credentials to a major law enforcement platform and is selling the ability to file fraudulent crypto subpoenas against leading exchanges. The scheme, advertised on dark web forums, exploits emergency data request systems meant to aid criminal probes.
According to cybersecurity firm Hudson Rock, the attacker says they control a “KodexGlobal” account which can submit legal orders to firms like oinbase">Coinbase, Binance, and Chainlink demanding they hand over user information. Platforms that received the falsified requests would not necessarily know they lack legitimate grounds.
By masquerading as law enforcement, the hacker could access sensitive personal details to enable identity fraud, extortion hacks, and crypto asset thefts. Selling each ill-gotten subpoena for $300, the entire account is listed for $5,000.
Hudson Rock believes the credentials were likely stolen through phishing attacks on officers themselves, providing a troubling reminder of cybersecurity gaps within institutions guarding sensitive access. Previously, the firm identified 50 different law enforcement logins available from malware infections.
The latest scheme also raises fresh questions about web platforms’ verification processes before sharing user data with authorities. As crypto adoption grows, exchanges face increased pressure to balance compliance obligations against upholding customer privacy and security.
For innocent traders who expect their holdings and activities to remain undisclosed, this breach illustrates how intermediaries in the data security chain remain vulnerable behind the scenes. It accentuates the enduring appeal of truly decentralized and self-custodial exchange alternatives.
