At the start of the week, a user named Miembro on BreachForums announced the sale of access to Binance's data request portal, which contains critical information about Binance users. The portal is designed for law enforcement and government officials worldwide to use when tracking cybercriminals.
The hacker, Miembro, claims to have obtained emails, phone numbers, wallet addresses, and exchange identities of Binance users. Access to this sensitive data is being offered for a relatively low fee of $10,000. It remains unclear whether any buyers have acquired the data or to what extent it has been sold.
While there is no concrete information on how access to Binance’s data portal was achieved, security researchers at Hudson Rock have proposed a plausible hypothesis. They suggest that Binance grants access to law enforcement databases through Kodex Global. According to Hudson Rock, the hacker gained access by infecting computers in Taiwan, Uganda, and the Philippines with malware.
Cybersecurity researchers have reached out to Binance for clear information regarding the incident but have not received a public response from the cryptocurrency exchange. The breach does not allow direct manipulation of Binance accounts, but sensitive user information has been compromised, potentially leading to loss of anonymity, harassment, phishing attempts, and more.
The Hudson Rock team has advised all Binance users to enable Google Authentication (2FA) and update their passwords as a precautionary measure. This incident is reminiscent of a similar event in 2020 when customer data was stolen from hardware wallet provider Ledger, leading to threats from hackers demanding cryptocurrency payments from the victims.