Cyber Security

Hackers Exploited 2FA Flaw in Coinbase to Steal Customer Funds

Coinbase is a huge crypto exchange platform for buying and selling cryptocurrency, and it also serves virtual wallets as well. But, recently, hackers exploited a 2FA bug in Coinbase, due to which thousands of customers have suffered the outcomes.

Exactly, cryptocurrencies have been stolen from up to 6,000 clients of the platform. And here the most bothersome thing is that the threat actors have exploited Coinbase’s multi-factor authentication through SMS function.

What happened?

Coinbase itself has confirmed that it has been the victim between March and May 20, 2021, of a third-party campaign in which the threat actors have gained illegal access to the accounts of Coinbase customers to steal customer funds from Coinbase.

However, the exact way is not yet cleared that how these third parties gained access to this information. As this type of campaign generally involves phishing attacks or other social engineering methods to fool a victim into unknowingly revealing login credentials to the threat actors.

Data exposed

There is some data that has been exposed in this attack, and here they are mentioned below:-

  • Your full name
  • Email address,
  • Home address
  • Date of birth
  • IP addresses for account activity
  • Transaction history
  • Account holdings
  • Balance

What Coinbase is doing to help you?

Just after the recognition of the attack, Coinbase has immediately updated its SMS Account Recovery protocols, and the main motive of doing this is to prevent any further hack of the authentication process.

Moreover, Coinbase will be transferring funds into the victim’s account that are equal to the value of the currency poorly removed from their account at the time of the attack.

Not only this but Coinbase will provide free credit monitoring to attacked customers who are involved and if it is available in the country of residence.

Recommendations

After detecting the attack, Coinbase has suggested the victims those who currently use SMS-based two-factor authentication to use an even more effective method of securing their Coinbase accounts.

Methods like:-

  • Time-based one-time password (TOTP)
  • Hardware security key

While they have also recommended all its customers to immediately flush the password of their Coinbase account, and apply a new, strong, and unique password which is only used in this account.

Always, keep a check of the personal accounts and free credit reports for any unusual activity, compatible with best methods for the next 12-24 months. 

However, Coinbase has highlighted the danger of these kinds of phishing campaigns and guarantees that they are now operating “with external partners” to ban all residual traces of phishing from the platform.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers,…

31 mins ago

Apple ID “push bombing” Attack Targeting Apple Users to Steal passwords

Apple users are falling prey to a sophisticated phishing campaign designed to hijack their Apple…

3 hours ago

Hackers Using Weaponized Virtual Hard Disk Files to Deliver Remcos RAT

Hackers have been found leveraging weaponized virtual hard disk (VHD) files to deploy the notorious…

3 hours ago

NVIDIA ChatRTX For Windows App Vulnerability Let Attackers Escalate Privilege

A security update released by ChatRTX on March 26th, 2024, addresses two vulnerabilities (CVE-2024-0082 and…

7 hours ago

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

A new threat has emerged, targeting unsuspecting iPhone users through the seemingly secure iMefofferssage platform.…

8 hours ago

2 Chrome Zero-Days Exploited At Pwn2Own 2024 : Patch Now

Google patched seven vulnerabilities in the Chrome browser on Tuesday, including two zero-day exploits that…

9 hours ago