Access to law enforcement portals operated by Google, Meta, Tik Tok and Kodex Global is being sold online for $200–$500 per request or $5000+ for full account access. Binance, which uses Kokex to manage law enforcement data requests, has reassured users that their accounts remain safe, but fears remain over the potential for data leaks.
Kodex is an online portal designed to streamline communication between law enforcement agencies and businesses that hold sensitive customer data, helping them to efficiently and compliantly manage subpoenas and search warrants.
While some large companies like Google and Meta have built custom request portals, Kodex is used by financial technology companies including Binance, Coinbase, Fidelity and Stripe. It is also the preferred platform for the likes of Discord, LinkedIn, Tinder and more.
Access to Kodex was first advertised on Breach Forums on Friday, February 2. Although CCN has not verified their authenticity, screenshots shared by the seller Tamagami appear to show the user interface through which government employees make requests. What’s more, overwhelmingly positive responses on Breach – a well-known cybercrime forum – suggest that the offering is legitimate.
In comments made to CCN, however, a Kodex spokeswoman explained that the platform has safeguards in place to prevent abuse by compromised accounts.
“[We] operate under the assumption that access to a law enforcement email address is insufficient verification to trust someone because compromised email domains are a well-known threat,” she said.
Discussing the service being advertised online, she observed that “multiple flags were tripped in our system to suspend the account before any requests were sent.” The screenshots advertised online only show incomplete processes and there is “no evidence that a request was actually sent or that any data was ever returned,” she added.
Responding to news that Kodex access was being sold online, Binance stated that “our security team has assessed this,” and has confirmed that “there is no such leak from Binance systems. The crypto exchange’s customer support desk added that “user accounts remain safe.”
Binance’s apparent lack of concern could perhaps be explained by the fact that this isn’t the first time Kodex access has appeared for sale online.
While Binance and other Kodex users remain tight-lipped on the precise details of how they manage such incidents, so far, there is no evidence suggesting compromised accounts have led to any significant increases in fraud. As Kodex has noted, just because a service is offered, doesn’t mean illegitimate requests have been fulfilled.
That being said, criminals gaining access to a platform that is meant to be reserved for government agencies – even if their data requests are ultimately denied – is nonetheless alarming.