Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Impact of “infrastructure status” for the DC industry announced in the Union Budget 2022

    February 4, 2022

    Milestone Systems appoints new Chief Revenue Officer

    January 26, 2022

    IIM Udaipur Incubated tech startup FasterrWeb obtains funding

    January 25, 2022
    Facebook Twitter Instagram
    • Demos
    • Buy Now
    Facebook Twitter Instagram
    My BlogMy Blog
    Subscribe
    • Home
    • Features
      • Typography
      • Contact
      • View All On Demos
    • Typography
    • Buy Now
    My BlogMy Blog
    Home»Reviews»Mobile Apps»Coinbase Discloses That 6,000 Customers Got Hacked This Spring
    Mobile Apps

    Coinbase Discloses That 6,000 Customers Got Hacked This Spring

    adminBy adminOctober 1, 2021No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Coinbase Discloses That 6,000 Customers Got Hacked This Spring
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Coinbase has disclosed that hackers successfully stole cryptocurrency from at least 6,000 customers this spring, partly by exploiting a flaw in the cryptocurrency exchange’s two-factor authentication system. 

    Coinbase revealed the hacking spree in a data breach notice sent out to affected customers this week. “At least 6,000 Coinbase customers had funds removed from their accounts, including you,” the notice says. BleepingComputer was first to report the news. 

    The account breaches occurred between March 2021 and May 20, 2021. Coinbase suspects hackers used a large-scale email phishing campaign to trick numerous customers into giving up the email addresses, passwords, and phone numbers associated with their accounts. In addition, the unknown culprits also gained access to victims’ email inboxes by using a malicious app capable of reading and writing to the inbox if the user grants permission. 

    The phishing attacksThe phishing attack example

    Still, a password isn’t enough to break into a Coinbase account. By default, the company secures an account with two-factor authentication, meaning you need both a password and a one-time passcode generated on your phone to access the account.  

    However, in some cases, the hackers were able to steal the one-time passcode. This occurred for users who secured their account with the two-factor authentication system that relies on sending the code via SMS messages.   

    “Once the attackers had compromised the user’s email inbox and their Coinbase credentials, in a small number of cases they were able to use that information to impersonate the user, receive an SMS two-factor authentication code, and gain access to the Coinbase customer account,” a spokesperson for the cryptocurrency exchange told PCMag in a statement. The hackers then looted the cryptocurrency funds.

    Coinbase didn’t elaborate on how the impersonation occurred. But the statement suggests the attackers used a SIM-swapping attack to trick the cell phone carrier into transferring over the victim’s mobile phone number.

    In response, Coinbase says it’s been compensating victims for the stolen cryptocurrency, following reports the company did little to help consumers hit in the hacks. “We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” a company spokesperson added. 

    How the flaw was fixed is also unclear. However, Coinbase is encouraging customers to drop the SMS-based two-factor authentication system for stronger methods. This includes generating the one-time passcode on a mobile app or using a hardware-based security key.

    In a blog post published earlier this week, the cryptocurrency exchange also stressed that the hackers never breached Coinbase’s security infrastructure or broader systems. “We have not found any evidence that these third parties obtained this information from Coinbase itself.”

    Source Link

    Coinbase Customers Discloses Hacked Spring
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    admin
    • Website

    Related Posts

    With Marketing Director of Jabra – Lisa Davidian At GITEX GLOBAL 2021

    November 13, 2021

    Interview With Mr. Brisco Soma – Sales manager Of ASUS (MENA) At GITEX GLOBAL 2021

    November 13, 2021

    Interview with Sales Manager Of Arcadia – Michael Khodos At GITEX GLOBAL 2021

    November 11, 2021
    Add A Comment

    Leave A Reply Cancel Reply

    Editors Picks

    Onboard Cameras Allow Disabled Quadcopters to Fly

    January 5, 2021
    Top Reviews
    Advertisement
    Demo
    My Blog
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Buy Now
    © 2023 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.