3/8/2023 0 Comments Coinbase authenticator![]() ![]() ![]() In fact, earlier this week, on Monday, Coinbase warned that phishing attacks are on the rise, both in terms of volume and success rates. Coinbase doesn’t know exactly how the third parties gained access to all that, but the exchange doesn’t think it’s to blame: “We have not found any evidence that these third parties obtained this information from Coinbase itself,” according to the exchange’s breach notification.Ĭoinbase noted that such information is often gleaned through phishing attacks or other social engineering techniques that trick victims into disclosing their login credentials. In order to pull it off, the culprits first needed access to victims’ email addresses, passwords, phone numbers and personal email inboxes. The attacker(s) used a flaw in Coinbase’s account recovery process to seize the SMS two-factor authentication tokens needed to break into customers’ accounts and transfer funds to crypto wallets unassociated with Coinbase. The accounts of at least 6,000 Coinbase customers were robbed of funds after attackers bypassed the cryptocurrency exchange’s multi-factor authentication (MFA).Īccording to a notification letter ( PDF) – seen and posted by BleepingComputer, which first reported the story – that Coinbase sent to affected customers and filed with the California state Attorney General’s office, the theft happened between March and May 20, 2021.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |