In recent cyber attacks, the law enforcement request systems of well-known tech giants such as Google, Meta, and TikTok, as well as major cryptocurrency exchanges like Binance and Coinbase, have been targeted.
As per a report from InfoStealers, there has been a significant increase in cybersecurity threats resulting in hackers breaching the law enforcement request systems of prominent technology and cryptocurrency firms. The individual behind these attacks, identified by the alias “Tamagami,” is said to have gained unauthorized access to these systems in order to obtain user data.
BreachForum Ads Reveal Sale of User Data
The hacker utilized BreachForum, a cybercrime platform that surfaced as a successor to RaidForums following its closure and seizure in 2022, to advertise and profit from their illicit access to user data.
In a post on BreachForum, the hacker stated, “Hello BreachForums, I’m selling a Facebook / Instagram (Meta) – Law Enforcement Request System account. You can EDR any Facebook / Instagram / Oculus account and get your data within 8 hours.”
Under the alias “Tamagami,” the hacker provided two options for monetizing the account: one-time requests priced at $500 and complete access to the account, the cost of which was open to negotiation.
The hacker further advertised their access to Kodex Global, a law enforcement system capable of requesting information from various platforms including Binance, Coinbase, LinkedIn, Discord, Tinder, and Chainlink. They offered access to Kodex at a rate of $300 per request or $5,000 for the entire account.
Previous findings by Hudson Rock revealed that cybercriminals often exploit law enforcement systems by utilizing compromised credentials obtained through Infostealer malware infections. These compromised credentials typically belonged to officials who inadvertently allowed their computers to be breached.
Hudson Rock suggested that the hacker likely gained access to the systems through a set of compromised credentials. This hypothesis is supported by the hacker’s history of posts on a cybercrime forum, showcasing their proficiency in exploiting a service, IntelX, which is purported to be legal.
Hacker Offers Binance Law Enforcement Request Panel Access for $10,000 Bitcoin
In December 2023, a parallel incident unfolded when a hacker known as “Miembro” posted on BreachForum offering to sell Binance’s Law Enforcement Request Panel for $10,000 worth of Bitcoin.
“Miembro” disclosed that the portal typically handles requests within a timeframe of three to seven days, granting users the capability to submit “unlimited requests.”