Coinbase, a US-listed cryptocurrency exchange, suffered a hacking attack that affected around 6,000 customers who got their cryptos stolen after the threat actors spotted a vulnerability. According to BleepingComputer, citing a notification sent by the firm to its users over the week, the incident took place between March and May 20, 2021.
The vulnerability helped the hackers to bypass Coinbase’s SMS multi-factor authentication feature. In fact, attackers just needed the customers’ email addresses, passwords, and phone numbers to steal their cryptocurrencies. “While it is unknown how the threat actors gained access to this information, Coinbase believes it was through phishing campaigns targeting Coinbase customers to steal account credentials, which have become common. Additionally, banking trojans traditionally used to steal online bank accounts are also known to steal Coinbase accounts,” BleepingComputer commented.
The flaw allowed hackers to transfer funds to third-party wallets not associated with Coinbase. “We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” a Coinbase spokesperson told Reuters. However, the US-listed company does not believe that information was extracted from the firm itself as of press time.
Bitcoin vs. Gold: Which is a Better Buy this Fall?Go to article >>
To compensate victims, Coinbase issued the following statement: “We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed – we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.”
Still, it is unclear if Coinbase will reimburse hacked customers with the stolen crypto or fiat currency, BleepingComputer noted. Recently, the US-listed cryptocurrency exchange announced that it would add phone support and deploy a series of measures to strengthen its customer support area at the end of the year.