At the end of the line : Coinbase has informed around 6,000 customers of unauthorized access to their cryptocurrency exchange accounts. Although Coinbase has found no evidence that the information was obtained directly from their networks, the exchange has already started refunding affected customers for the full value lost. Coinbase suspects the breach is the result of a social engineering attack designed to gain user and login credentials.
Coinbase is currently one of the largest and most accessible trading platforms available for cryptocurrency enthusiasts. Unfortunately, this makes the exchange a prime target for bad actors with malicious intentions.
Hackers are suspected of using social engineering tactics to gain information about users and exploit a Secure Messaging Service (SMS) vulnerability to bypass Coinbase’s multi-factor authentication. The hack resulted in unauthorized access and withdrawal of funds from 6,000 user accounts.
Coinbase believes the hackers obtained customers’ email addresses, passwords and phone numbers through a phishing scheme designed to collect key information about users. The hackers then used the stolen information to exploit Coinbase’s account recovery process by requesting and obtaining the two-factor authentication token required to access the compromised customer’s accounts. Once obtained, hackers accessed accounts and transferred client funds to unknown destinations.
Users were alerted to the breach, which occurred between March and May 20 of this year, and received information on how the breach occurred, what actions were taken, and how to properly secure their devices. accounts. By Coinbase, redemption distributions have already started and will be provided to all affected customers. They also advised customers on ways to improve their security using more secure multi-factor authentication tools, such as hardware security keys or authenticator apps.
Phishing is a type of attack designed to mimic communications from reputable companies for the purpose of collecting personal and account information. It fits into the larger framework of social engineering attacks; these attacks attempt to use deception and manipulation to influence human behavior in the hope of obtaining sensitive personal or account information.
The breach is not the first incident for Coinbase. In 2019, the exchange was forced to alert more than 3,400 users of an incident where registration information was stored in plain text logs. Around the same time, the exchange reportedly thwarted a highly sophisticated attack that used compromised academic email addresses. This year, the exchange mistakenly sent 125,000 emails to users informing them that their two-factor authentication settings had been changed.
- Thousands of Coinbase wallets emptied by hackers
- Man pretending to be an Apple support rep scanned hundreds of iCloud accounts for nude images
- Hackers Steal Thousands of Coinbase Customers Using MFA Flaw
- Engineering giant Weir Group hit by ransomware attack
- Fake alert emails raise fears of Coinbase hack