2021-10-4 13:00

Over 6,000 Coinbase users saw their drained last week as hackers exploited an authentication bug to bypass the company’s SMS security feature, tech publication Bleeping Computer reported.

Coinbase said it would reimburse the stolen amounts to make up for damages and did not report further security breaches as of press time.

The hackers exploited a vulnerability to bypass the SMS authentication feature put in place by Coinbase to ensure user security. They illicitly gained access to user email addresses, passwords, and associated phone numbers, and used this information to log in.

Hackers may have conducted large-scale phishing campaigns to gain access to such sensitive information—said Coinbase—one that unsuspecting users willingly gave out.

Banking trojan viruses have, in addition, been known to hit Coinbase users in the past.

Inside the Coinbase hit

As part of its security, hackers with access to a Coinbase customer’s credentials and email account are normally prevented from logging into an account if a customer has multi-factor authentication enabled.

However, Coinbase said a vulnerability existed in their SMS account recovery process, allowing the hackers to gain the SMS two-factor authentication token needed to access a secured account.

“Even with the information described above, additional authentication is required in order to access your Coinbase account,” a notification read.

It added, “In this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”

Coinbase patched the bug shortly after it was discovered. Meanwhile, the exchange said it would reimburse the stolen funds directly into the accounts of affected users.

“We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today,” a notice sent to users read.

The post Coinbase reports 6,000 crypto account hacks after SMS flaw appeared first on CryptoSlate.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

Speed Mining Service (SMS) на Currencies.ru

$ 1.9622 (+0.00%)

Объем 24H $0

Изменеия 24h: 0.00 %, 7d: 0.00 %

Cегодня L: $1.9622 - H: $1.9622

Капитализация $205.406k Rank 99999

Доступно / Всего 104.68k SMS

coinbase sms flaw crypto account hacks reports

216 +

Источник: cryptoslate.com

Шесть тысяч пользователей Coinbase пострадали от действий хакеров

Хакеры обворовали около 6 тысяч пользователей биржи криптовалют Coinbase, обнаружив уязвимость, позволяющую обойти двухфакторную аутентификацию с помощью SMS, сообщает Bleeping Computer. Пострадавшие пользователи на этой неделе получили письмо от биржи, согласно которому с марта по май текущего года злоумышленники провели крупную кампанию по взлому их аккаунтов.

Coinbase Promises to Deposit Stolen Funds to At Least 6,000 Hacked Accounts

Cryptocurrency exchange Coinbase, which has about 68 million users globally, disclosed this week that hackers stole from at least 6,000 of its customers. According to a breach notification letter sent by the exchange to affected customers, hackers used a vulnerability to bypass Coinbase’s SMS multi-factor authentication security feature.

Coinbase says 6,000 customers had their accounts breached

Crypto exchange Coinbase reported that threat actors took advantage of its SMS account recovery process to infiltrate users accounts. The report revealed that the threat actors accessed crypto funds from 6,000 Coinbase accounts, although the financial value of the theft was not disclosed.

СМИ: хакеры взломали тысячи аккаунтов пользователей Coinbase

Неизвестные хакеры взломали около шести тысяч аккаунтов пользователей криптовалютной биржи Coinbase. Они воспользовались уязвимостью для обхода двухфакторной аутентификации с помощью SMS, пишет Bleeping Computer.

The Daily: Coinbase Launches Investment Fund, Cointext Enters New Markets

In this edition of The Daily, we look at Coinbase’s decision to create a new investment vehicle for institutions in partnership with asset manager Wilshire Phoenix. We also cover the expansion of bitcoin cash SMS wallet service Cointext into four new markets.

Kraken: An Overview of One of Europe's Top Bitcoin Exchanges

In this overview, we explore Kraken and its journey from a Mt. Gox alternative to soften the blow of bitcoin’s dependence on just one exchange to becoming one of the most respected cryptocurrency exchanges in the world.

Самое свежее на Currencies.ru

Kimsuky hacking group targets South Korean crypto firms with new malware — report

North Korean hackers deploy new 'Durian' malware to target South Korean crypto firms, with potential links to the notorious Lazarus Group uncovered. The post Kimsuky hacking group targets South Korean crypto firms with new malware — report appeared first on Crypto Briefing.

Pike Finance admits to error following $1.7 million exploit, denies fault of USDC

On May 1, DeFi protocol Pike Finance corrected its description of a recent exploit and said it was not caused by a USDC vulnerability, as previously stated. According to the company’s latest statement: “The term ‘USDC vulnerability’ was inaccurate for summarizing last week’s exploit.

New gaming token on Blast exploited for $4.6 million – white hat hacker involved

A hacker exploited a bug in a newly launched gaming token on Blast network — Super Sushi Samurai — to steal roughly $4. 6 million worth of Ethereum on March 21 — less than a month from its launch.

Tornado Cash website, discord offline after community finds malicious code in protocol’s backend

Crypto mixer Tornado Cash has reportedly fallen victim to a significant backend exploit that has put user deposits and sensitive data at risk. The security breach was revealed in a Medium post by Gas404, a community member, on Feb.

Bitcoin breaks $53k for first time in over 2 years as trading volume surges 30%

Bitcoin has broken the $53,000 level for the first time since Dec. 4, 2021, and is currently sitting around $53,538 as of press time. Ethereum is also up on the day, surpassing $3,150, an increase of 4% on the intra-day low.

Orbit Chain exploited, $81.6 million drained from cross-chain bridge

Orbit Chain is coordinating its investigation with the Korean National Police Agency and KISA (Korea Internet & Security Agency), and Theori.

Crypto Exchange Catalyx Suspends Trading, Withdrawals Following 'Security Breach'

The Canadian exchange suffered a security break earlier this month, resulting in the loss of an unknown amount of customer funds.

Coinbase reports 6,000 crypto account hacks after SMS flaw

2021-10-4 13:00

Speed Mining Service (SMS) на Currencies.ru

coinbase sms → Результатов: 10

Debate over 2FA using SMS after SIM-swapping victim sues Coinbase

2023-3-8 08:41

Шесть тысяч пользователей Coinbase пострадали от действий хакеров

2021-10-4 09:25

Coinbase Promises to Deposit Stolen Funds to At Least 6,000 Hacked Accounts

2021-10-4 18:08

Coinbase says 6,000 customers had their accounts breached

2021-10-2 17:03

СМИ: хакеры взломали тысячи аккаунтов пользователей Coinbase

2021-10-2 10:18

Hackers exploit MFA flaw to steal from 6,000 Coinbase customers — Report

2021-10-2 19:30

Coinbase Multi-Factor Authentication Hacked, Users Lose Funds

2021-10-2 18:42

What you need to know about SMS phishing attacks

2021-8-28 19:01

The Daily: Coinbase Launches Investment Fund, Cointext Enters New Markets

2018-11-2 16:35

Kraken: An Overview of One of Europe's Top Bitcoin Exchanges

2018-9-27 21:21

Партнеры Currencies.ru

Реклама на Currencies.ru