I recently read an interesting article about a situation with Binance that might sound scary at first, but hold on! It turns out, Binance itself wasn't hacked. Let's break down what's really going on...
First, El Salvador's financial investigation unit works with Binance on anti-money laundering training through a system named Kodex:
So the issue lies with that third-party service called Kodex, which Binance uses to validate law enforcement requests for user data. While Binance itself seems secure, Kodex might have a vulnerability.
Here's the breakdown:
- Hackers are targeting law enforcement email accounts. They're looking for login credentials that could be used to access various platforms, including Kodex.
- If a hacker compromises a law enforcement email account, they could potentially gain access to Kodex.
- Through Kodex, they might be able to see requests for user data submitted by legitimate law enforcement officials.
In theory, a hacker could then use this access to impersonate real law enforcement and submit fraudulent requests for user data on Binance.
Here's the key point: This situation highlights a potential flaw in Kodex's security measures. It seems that compromised law enforcement accounts could be used to gain unauthorized access to user data requests.
