Crypto exchange operator Coinbase Global Inc on Friday said hackers have stolen funds from the accounts of at least 6,000 customers between March and May 20 of this year.
“For customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account,” said the email the company sent to the affected users.
Although Coinbase said the attackers already had the email address, password, and phone number linked to each targeted account before carrying out the attack, the company denied that this information had been obtained from Coinbase itself.
While it is still unknown exactly how the attackers obtained those credentials, Coinbase said it believes they were stolen through phishing campaigns and social engineering, which have become common.
Additionally, banking trojans traditionally used to steal online banking credentials are also known to target Coinbase accounts.
“We took immediate action to mitigate the impact of the campaign by working with external partners to remove phishing sites as they were identified, as well as notifying the email providers impacted,” the crypto exchange said.
Although the Delaware-based company said, “We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” it’s unclear whether it is paying in fiat money or cryptocurrency.
Coinbase asked its customers to switch to a more secure version of multi-factor authentication such as a hardware security key or an authentication app.
The attack appears to be one of the largest breaches to have affected Coinbase, the world’s second-largest cryptocurrency exchange, with approximately 68 million users from over 100 countries.
In August 2019, the company said it had blocked a sophisticated attack that it described as resembling a nation-state-sponsored operation.
At the same time, it was revealed that Coinbase stored 3,500 customer passwords in plain text on an internal server log. However, outside parties didn’t take advantage of the vulnerability.