An unidentified individual on the Breach Forums platform is attempting to sell access to Binance’s law enforcement panel for $10,000.
The user, with the username “Miembro,” posted on Breach Forums claiming to have access to Binance’s Data Request Portal. According to him, this portal is a private access only used by law enforcement officials across the globe.
Miembro disclosed that the portal typically responds to requests within three to seven days, and users are granted “unlimited requests.” He stated that the asking price of $10,000 should be paid in either Bitcoin or the Monero asset.
Without disclosing how he obtained such confidential information, Miembro directed interested buyers to contact him on Tox and Telegram. He emphasized that all inquiries should be direct and discouraged any generic greetings.
In the past month, Binance has faced challenges following regulatory action against the Bitcoin trading hub.
Following a multi-year investigation into its dealings by the US Department of Justice (DoJ), the Commodity Futures Trading Commission (CFTC), and others, the crypto trading platform incurred a $4.3 billion penalty.
The CFTC would receive $2.7 billion of this total sum, covering penalties for the exchange and ill-gotten transaction fees.
The government agencies justified the stringent penalty by citing Binance’s involvement in money laundering, violations of the US Bank Secrecy Act (BSA), operating an unlicensed derivatives exchange, and encouraging US residents to bypass compliance controls.
As part of the regulatory measures, founder Changpeng Zhao (CZ) resigned as CEO, and Richard Teng assumed the position. CZ faces a February trial, which could see him face 18 months behind bars.
He is also expected to pay $150 million in civil monetary penalty to the CFTC.
Miembro’s actions have stirred concern within the cryptocurrency community. A thorough investigation into the circumstances surrounding the hacker’s proposal by Hudson Rock researchers revealed that the Data Request Portal was hosted on a third-party service called Kodex Global.
A further examination uncovered that various law enforcement computers fell victim to global malware-spreading campaigns in 2023. These campaigns resulted in the compromise of credentials from victims’ browsers to the hackers in question.
To substantiate their findings, Hudson Rock presented evidence indicating that three notable infected credentials belonged to the Criminal Investigation Bureau (CIB) of Taiwan, the Ugandan Police Force (UPF), and the Anti-Cybercrime Group (ACG) operating under the Philippine National Police (PNP).
However, Hudson Rock noted uncertainty regarding whether access to the Binance portal was obtained through the pilfered login credentials.
They did note that the hacker affirmed the smooth operation of the service through the compromised account, as he is quoted saying testing of the service has largely been successful.
Giving insights on the likely implications of this, Hudson Rock remarked that wallet addresses and transaction records can easily be leaked, invading the privacy of crypto users.
In addition, exposed personal data could be stolen, and crypto funds retrieved illegally. The Hudson Rock team has since reached out to the Binance team.