Article Details

Scrape Timestamp (UTC): 2025-10-02 17:08:18.457

Source: https://www.theregister.com/2025/10/02/subpoena_tracking_platform_outage_blamed/

Original Article Text


Subpoena tracking platform blames outage on AWS social engineering attack

Software maker Kodex said its domain registrar fell for a fraudulent legal order.

A software platform used by law enforcement agencies and major tech companies to manage subpoenas and data requests went dark this week after attackers socially engineered AWS into freezing its domain.

Kodex Global said its website, portal, API, and some email services were rendered unavailable on October 1 between 08:54 and 12:47 EDT. AWS is the domain registrar for Kodex Global.

While Kodex didn't explicitly name AWS in its public update on the outage, cyber sleuths identified that attackers attempted to transfer the domain to a different registrar.

"While threat actors claimed responsibility for the disruption, ownership was never transferred; it was the registrar who improperly froze our domain as a result of the fraudulent legal order," the company claimed. "No credentials were compromised, no customer data was accessed, and Kodex itself was never breached. At no point did the threat actors have access to, or compromise the confidentiality of, customer data or internal systems."

A spokesperson at AWS told The Register: "We quickly resolved the matter as soon as we were made aware of the error and are taking steps to ensure that it doesn't happen again."

Had the attackers been more successful, they could have intercepted Kodex's emails, potentially accessing sensitive information, or taken control of accounts with access to MFA resets, among other things.

According to Kodex, its software is used by more than 15,000 government agencies worldwide, as well as a host of major tech companies, including AT&T, Binance, Bumble, Discord, Hinge, Match Group, OpenAI, Yahoo, and more.

Somewhat ironically, the social engineering attack that led to its outage came mere hours after Kodex issued a warning about law enforcement agencies and local governments that also had their domains compromised. The attacks targeted organizations in the US, various countries in South America, and Greece, according to a company LinkedIn post.

Daily Brief Summary

CYBERCRIME // Social Engineering Attack Causes Kodex Platform Outage

Kodex Global experienced a service outage after attackers used social engineering to manipulate AWS into freezing its domain on October 1, affecting website, portal, API, and email services.

The attack targeted Kodex's domain registrar through a fraudulent legal order, which led to a temporary freeze of the domain, but ownership was never transferred.

No customer credentials or data were compromised during the incident, and Kodex's internal systems remained secure throughout the attack.

AWS quickly addressed the issue upon notification and is implementing measures to prevent future occurrences of similar attacks.

Kodex's platform, utilized by over 15,000 government agencies and major tech companies, faced potential risks of email interception and unauthorized account access.

The attack coincided with a recent warning from Kodex about similar compromises affecting law enforcement and government domains globally.

This incident underscores the growing threat of social engineering in cybercrime, emphasizing the need for robust verification processes.