"Hackers Rob Thousands of Coinbase Customers Using MFA Flaw"

Hackers stole from 6,000 customers of Coinbase, the world's second-largest cryptocurrency exchange, which has nearly 68 million users worldwide. The hackers exploited a vulnerability to circumvent the company's SMS multi-factor authentication security feature. According to Coinbase, the hacking campaign, which aimed to breach its customers' accounts and steal cryptocurrency, was conducted between March and May 20, 2021. The company says the attack required the actors to know the email address, password, and phone number associated with the customer's account, and to have access to the victim's email account. How the threat actors gained access to this information remains unknown. However, Coinbase believes the attackers obtained the information through phishing attacks against Coinbase customers. Banking trojans are also known to have been used to steal funds from Coinbase accounts. Coinbase disclosed that the attackers took advantage of a vulnerability in its SMS Account Recovery process to obtain the SMS two-factor authentication token needed to access a customer's account. Once the company became aware of the attack, it fixed the SMS Account Recovery protocols to prevent malicious actors from circumventing SMS multi-factor authentication. Since the hackers had full access to a Coinbase account, customers' personal information, including their full name, email address, home address, date of birth, transaction history, and more, was exposed. Coinbase customers are urged to change their passwords immediately. They are also encouraged to watch out for future targeted phishing emails or SMS texts attempting to steal credentials using the information exposed in the Coinbase breach. This article continues to discuss the theft of cryptocurrency from Coinbase customers, the flaw exploited by the hackers behind this incident, the company's response to the breach, and other security incidents faced by Coinbase.

Bleeping Computer reports "Hackers Rob Thousands of Coinbase Customers Using MFA Flaw"

Submitted by Anonymous on