Cyber Security

Hackers Exploited 2FA Flaw in Coinbase to Steal Customer Funds

Coinbase is a huge crypto exchange platform for buying and selling cryptocurrency, and it also serves virtual wallets as well. But, recently, hackers exploited a 2FA bug in Coinbase, due to which thousands of customers have suffered the outcomes.

Exactly, cryptocurrencies have been stolen from up to 6,000 clients of the platform. And here the most bothersome thing is that the threat actors have exploited Coinbase’s multi-factor authentication through SMS function.

What happened?

Coinbase itself has confirmed that it has been the victim between March and May 20, 2021, of a third-party campaign in which the threat actors have gained illegal access to the accounts of Coinbase customers to steal customer funds from Coinbase.

However, the exact way is not yet cleared that how these third parties gained access to this information. As this type of campaign generally involves phishing attacks or other social engineering methods to fool a victim into unknowingly revealing login credentials to the threat actors.

Data exposed

There is some data that has been exposed in this attack, and here they are mentioned below:-

  • Your full name
  • Email address,
  • Home address
  • Date of birth
  • IP addresses for account activity
  • Transaction history
  • Account holdings
  • Balance

What Coinbase is doing to help you?

Just after the recognition of the attack, Coinbase has immediately updated its SMS Account Recovery protocols, and the main motive of doing this is to prevent any further hack of the authentication process.

Moreover, Coinbase will be transferring funds into the victim’s account that are equal to the value of the currency poorly removed from their account at the time of the attack.

Not only this but Coinbase will provide free credit monitoring to attacked customers who are involved and if it is available in the country of residence.


After detecting the attack, Coinbase has suggested the victims those who currently use SMS-based two-factor authentication to use an even more effective method of securing their Coinbase accounts.

Methods like:-

  • Time-based one-time password (TOTP)
  • Hardware security key

While they have also recommended all its customers to immediately flush the password of their Coinbase account, and apply a new, strong, and unique password which is only used in this account.

Always, keep a check of the personal accounts and free credit reports for any unusual activity, compatible with best methods for the next 12-24 months. 

However, Coinbase has highlighted the danger of these kinds of phishing campaigns and guarantees that they are now operating “with external partners” to ban all residual traces of phishing from the platform.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ…

16 hours ago

Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears…

16 hours ago

Vigil: Open-source Security Scanner for LLM Models Like ChatGPT

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore…

17 hours ago

Slovenia’s Biggest Power Provider has Suffered a Cyberattack

One of Slovenia's major power providers, HSE, has recently fallen victim to a significant cyberattack.…

17 hours ago

Genesis Market Technique: Hackers Exploited Node.js and EV Certificates

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered…

19 hours ago

Design Flaw in Domain-Wide Delegation Could Leave Google Workspace Vulnerable to Takeover – Hunters

BOSTON, MASS. and TEL AVIV, ISRAEL, November 28, 2023 - A severe design flaw in…

2 days ago