Earlier this week, a BreachForums user named Miembro announced the sale of access to a Binance data request portal, built and maintained to assist police and government officials around the world in their attempts to track down cybercriminals.
The sale has since been suspended because of an error involving a crypto mixer: a buyer used the mixer to send funds to the seller, but the address turned out to be invalid.
However, the sale will allegedly resume in about a week, once the mixer returns the funds.
Access to de-anonymized data
Until then, it remains unclear how much data is available to bad actors. If the seller is to be believed – and its past reviews indicate that it is reputable, to the extent that that term applies here – users’ emails, phone numbers, wallet IDs, and transaction IDs may be inspected using the access provided by the author.
Access to the above information is offered for an asking price of just $10,000.
How was access acquired?
At this time, no details are available on the exact source of the data breach. Security researchers at Hudson Rock, however, have come up with a plausible hypothesis.
Hacker Sells Access to Binance Law Enforcement Portal, Cryptocurrency Holders in Danger.
Details inside: pic.twitter.com/urIJB5hXBH
– Hudson Rock (@RockHudsonRock) December 19, 2023
Binance reportedly allows law enforcement to access its database through Kodex Global. According to Hudson Rock, the entry points appear to be three computers infected with malware that allowed a malicious actor to steal Kodex login credentials.
“The three logins shown in the image with access to the Binance login panel appear to belong to compromised law enforcement officers from the Criminal Investigation Bureau (CIB) in Taiwan, the Uganda Police Force (UPF) and the Anti-Cybercrime Group (ACG) of the Philippine National Police (PNP).”
Cybersecurity researchers have since contacted Binance about their theory. So far, no public response has been provided by the exchange.
Although the access provided is unlikely to allow direct manipulation of Binance accounts, the leak still allows sensitive accounts to be probed for information, and users to be deanonymized and exposed to targeted harassment, phishing attempts, etc.
A similar incident took place in 2020 when Ledger customer data was stolen. Hardware wallet users were then bombarded with threats attempting to trick them into sending hackers their crypto so they would be left alone. It is unclear whether any of these threats were carried out.
For now, the Hudson Rock team recommends that all users enable 2FA, update their passwords, and stay vigilant.