Coinbase discloses recent cyberattack targeting employees

Share This Post

No customers’ funds or information were impacted, according to the company. Coinbase’s engineering team believes the attack is associated with a sophisticated phishing campaign.

Crypto exchange Coinbase experienced a cybersecurity attack targeting its employees on Feb. 5. The attack came through SMS scams and involved impersonations of IT staff, according to a recent report from the company’s engineering team. No customers’ funds or information were impacted, the firm said.

As per the report, on a late Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in a good faith, one employee followed the exploiter’ instructions:

“While the majority ignore this unprompted message – one employee, believing that it’s an important and legitimate message, clicks the link and enters in their username and password. After “logging in”, the employee is prompted to disregard the message and thanked for complying.” 

The perpetrator then made repeated attempts to gain remote access to Coinbase’s internal systems with the employee’s username and password, but was unable to pass through the Multi-Factor Authentication (MFA) security measure. 

After failing to authenticate and being automatically blocked, the exploiter contacted the employee by phone. According to the report, the attacker claimed to be Coinbase’s IT department and asked the employee for assistance:

“Believing that they were speaking to a legitimate Coinbase IT staff member, the employee logged into their workstation and began following the attacker’s instructions. That began a back and forth between the attacker and an increasingly suspicious employee. As the conversation progressed, the requests got more and more suspicious.”

Coinbase’s Computer Security Incident Response Team (CSIRT) was alerted about an unusual activity by its Security Incident and Event Management (SIEM) system. An incident responder reached out to the victim via the company’s internal messaging system in response to the atypical behavior.

“Realizing something was seriously wrong, the employee terminated all communications with the attacker”, said the report. According to Coinbase, its layered control environment protected customer funds and information, even though some of its personnel’s information had been compromised.

The company believes the attack is associated with a sophisticated attack campaign that targeted many companies since last year, especially in the United States. Cybersecurity company Group-IB reported in August 2022 similar phishing attacks on employees of Twilio and Cloudflare as part of a massive campaign ending in 9,931 accounts of over 130 organizations being compromised.

Coinbase’s team also noted that its customers and employees are frequent targets of fraudsters, and the solution lies in offering appropriate training:

“Research shows again and again that all people can be fooled eventually, no matter how alert, skilled, and prepared they are. We must always work from the assumption that bad things will happen. We need to be constantly innovating to blunt the effectiveness of these attacks while also striving to improve the overall experience of our customers and employees.”

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

TEAMZ Web3・AI Summit 2025: Bringing Global Leaders to Tokyo

PRESS RELEASE TEAMZ is proud to announce that the TEAMZ Web3・AI Summit 2025 will take place on April 16-17, 2025, at the Toranomon Hills in Tokyo This summit is one of Japan’s largest

Semler Scientific Reports Half-Year BTC Yield of 37.3%, Acquires Additional 215 Bitcoin

Semler Scientific has reported a significant 373% bitcoin yield since implementation of its bitcoin treasury strategy Bitcoin Strategy Yielding Gains for Semler Scientific Semler Scientific has

Spot Bitcoin ETF options set to debut this week following OCC approval, analysts predict

The Office of the Comptroller of the Currency (OCC) stated in a Nov 18 memo that it is “preparing for the clearance, settlement, and risk management” of options trading on

The Year Of Solana: 2024 Sees Global Crypto Love Surge Nearly 40%

Solana (SOL) has emerged as a winner in the digital asset landscape as it captured the title of being the most popular blockchain ecosystem in 2024, according to the latest ranking of CoinGecko

Bitcoin’s Surge Could Just Be The Beginning Of A Sustained Rally: Tom Lee

The post Bitcoin’s Surge Could Just Be The Beginning Of A Sustained Rally: Tom Lee appeared first on Coinpedia Fintech News Fundstrat Head of Research Tom Lee has recently highlighted that

Bitwise: US Bitcoin Reserve Speculations Propel Crypto Market Gains

Recent findings from Bitwise’s Weekly Crypto Market Compass for Week 47, 2024, reveal an upbeat trajectory for cryptocurrency markets, with bitcoin leading the charge Its performance has