Hackers stole crypto from 6,000 Coinbase accounts between March and May 2021
The crypto platform revealed that there was a vulnerability in the SMS account recovery process that allowed the cybercriminals to sabotage the recovery procedure.
Mon, 04 Oct 2021, 16:00 UTC
Crypto exchange Coinbase revealed that hackers were able to breach the platform’s security early this year. Around 6,000 accounts were affected by the hack that exploited a vulnerability in the company’s SMS multi-factor authentication security feature.
In a notification sent to affected customers last week, Coinbase said that hackers were able to steal crypto between March and May 2021, BleepingComputer reported. Around 6,000 of the platform’s 68 million users were affected by the hack.
Coinbase explained that hackers needed a customer’s email address, phone number, and Coinbase account password to successfully pull off the attack. This suggests that the perpetrators might already have had access to this sensitive data.
While it is still unclear how the cybercriminals obtained the customer data, the platform believes it might have been gathered through phishing campaigns that targeted Coinbase users. Another possibility is that banking Trojans, traditionally used to steal online banking details, were employed to collect the data needed to access the victims’ Coinbase accounts.
Coinbase offers multi-factor authentication, such as security keys, time-based one-time passwords (TOTP) from an authenticator app, or codes sent by SMS, to prevent hackers from accessing customer accounts even if they have a customer’s credentials. However, the platform revealed that a vulnerability in the SMS account recovery process allowed the cybercriminals to abuse the recovery procedure and receive the SMS two-factor authentication token themselves.
“Even with the information described above, additional authentication is required in order to access your Coinbase account,” the company said in the notification. “However, in this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”
The company also promised to reimburse affected customers. “We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident,” Coinbase said. “Some customers have already been reimbursed -- we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.”