Software maker Kodex said its domain registrar fell for a fraudulent legal order

A software platform used by law enforcement agencies and major tech companies to manage subpoenas and data requests went dark this week after attackers socially engineered AWS into freezing its domain.

Kodex Global said its website, portal, API, and some email services were rendered unavailable on October 1 between 08:54-12:47 EDT. AWS is the domain registrar for Kodex Global.

While Kodex didn't explicitly name AWS in its public update on the outage, cyber sleuths identified that attackers attempted to transfer the domain to a different registrar.

"While threat actors claimed responsibility for the disruption, ownership was never transferred; it was the registrar who improperly froze our domain as a result of the fraudulent legal order," the company claimed.

"No credentials were compromised, no customer data was accessed, and Kodex itself was never breached. At no point did the threat actors have access to, or compromise the confidentiality ...