Coinbase Avoids a Major Supply Chain Attack On Its Blockchain AI Toolkit

2025-3-24 18:32

Coinbase, the largest crypto exchange in the US, has successfully evaded a supply chain attack that could have compromised its open-source infrastructure.

On March 23, Yu Jian, founder of blockchain security firm SlowMist, flagged the incident in a post on X, referencing a report from Unit 42, the threat intelligence division of Palo Alto Networks.

How Coinbase Stopped a Major Cyber Attack

According to Unit 42, the attacker targeted ‘agentkit’, an open-source toolkit managed by Coinbase that supports blockchain-based AI agents.

The threat actor forked agentkit and onchainkit repositories on GitHub, inserting malicious code intended to exploit the continuous integration pipeline. The suspicious activity was first detected on March 14, 2025.

“The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,” Unit 42 reported.

The attacker exploited GitHub’s “write-all” permissions, which allowed the injection of harmful code into the project’s automated workflow. This method could have enabled access to sensitive data and created a path for broader compromises.

A Malicious Commit Targeting Coinbase. Source: Unit42

However, Unit 42 reported that the payload collected sensitive information. It did not contain advanced malicious tools like remote code execution or reverse shell exploits.

Meanwhile, Coinbase responded quickly, collaborating with security experts to isolate the threat and apply necessary mitigations. This rapid action helped the company avoid deeper infiltration and prevented potential damage to its infrastructure.

The stakes were high considering Coinbase’s standing as the largest crypto exchange in the US and a key custodian for spot Bitcoin ETFs.

A breach of this nature could have caused major disruption across the crypto industry, especially after Bybit’s recent $1.4 billion security incident.

Despite the failed attempt, the attacker has since shifted focus to a larger campaign now drawing global attention.

In light of this, SlowMist founder advised developers using GitHub Actions—especially those working with tj-actions or reviewdog—to audit their systems and confirm that no secrets have been exposed.

“If your company uses reviewdog or tj-actions, do a thorough self-examination,” Yu Jian stated on X.

This incident highlights the growing importance of securing open-source tools as the crypto ecosystem expands. Data from DeFillama shows that the crypto industry has recorded exploits of more than $1.5 billion this year.

The post Coinbase Avoids a Major Supply Chain Attack On Its Blockchain AI Toolkit appeared first on BeInCrypto.

origin »

Supply Shock (M1) на Currencies.ru

$ 0 (+0.00%)

Объем 24H $0

Изменеия 24h: 0.00 %, 7d: 0.00 %

Cегодня L: $0 - H: $0

Капитализация $0 Rank 99999

Доступно / Всего 0 M1

coinbase attack toolkit avoids blockchain major supply

139 +

Источник: beincrypto.com

coinbase attack → Результатов: 61

Coinbase being targeted by ‘unique attack’ highlights how serious attackers are about the cryptospace, claims CISO Martin

Philip Martin, Chief Information Security Officer at Coinbase, recently spoke about a hack which the exchange successfully managed to evade. According to Coinbase, the highly sophisticated attack began on 30 May, when a dozen Coinbase employees received an email for a certain Gregory Harris, who was supposedly a Research Grants Administrator at Cambridge University.

2019-8-11 13:00
coinbase attack martin cryptospace ciso claims targeted

240 +

Coinbase Reveals How It Averted A Complex Hacking Attack Seeking To Extract Private Keys And Passwords

Coinbase’s security team has revealed that it managed to stop a complex phishing attack that sought to extract user private keys and passwords. In an official blog post the crypto exchange giant revealed that the incident involved the exploitation of two 0-day vulnerabilities on the Mozilla Firefox browser. According to the blog post, the first […]

2019-8-9 21:17	Coinbase
keys private coinbase revealed passwords extract complex

194 +

Coinbase рассказала о попытке продуманной хакерской атаки

Крупнейшая американская криптовалютная компания Coinbase сообщила об «изощренной, целенаправленной, продуманной атаке», которая могла позволить хакерам получить доступ к ее системам и средствам на миллиарды долларов.

2019-8-10 16:17	#биржи
coinbase attack продуманной spear phishing social vulnerabilities

185 +

Coinbase раскрыла подробности «изощренной» хакерской атаки

2019-8-9 15:35	хакеры
coinbase attack изощренной vulnerabilities spear phishing social

194 +

Coinbase Says It Prevented a Crafty Phishing Attack to Exfiltrate Keys

Coinbase’s response team has revealed how it countered a sophisticated phishing attack aiming to exfiltrate private keys and passwords

2019-8-9 13:48
exfiltrate keys coinbase phishing attack sophisticated countered

178 +

Coinbase Sets Out How It Foiled a ‘Sophisticated’ Hacking Attack

Cryptocurrency exchange Coinbase has detailed how it was targeted by, and foiled, "a sophisticated, highly targeted, thought out attack."

2019-8-9 12:01	Hacks
attack coinbase targeted foiled sophisticated out thought

171 +

Coinbase Sides With Bitcoin Cash (BCH) Miners on 51% Attack Smack

By CCN: Coinbase researchers have released their own investigative findings into the recent Bitcoin Cash 51% attack controversy, and their conclusions might upset many Bitcoin maximalists. When Bitcoin Cash came under attack during a scheduled hardfork in mid-May, a group of miners colluded to reverse the attacked blocks and return misappropriated funds to their rightful owners.

2019-5-31 17:20	Coinbase
bitcoin cash attack coinbase miners came under

292 +

Coincheck Launches Bitcoin OTC Trading Desk 15 Months After Hack

The Tokyo-based cryptocurrency exchange Coincheck has launched a Bitcoin over-the-counter (OTC) trading service for its users, per a post published on its official blog.

2019-4-2 18:26	Investing
trading coincheck otc exchange bitcoin desk security

348 +

Grim Stories of Ethical, Privacy Abuses Emerge About Coinbase’s New Partners

When Coinbase acquired Neutrino for an unspecified amount in February 2019, the news looked like business as usual: A cryptocurrency juggernaut had made another acquisition.

2019-3-1 17:19	Privacy & security
team hacking coinbase neutrino software janine she

606 +

Op Ed: Why It’s Unsafe to Store Private Crypto Keys in the Cloud

There are two primary reasons why storing your private crypto keys in the cloud is a bad idea. First, your cloud provider represents a centralized honeypot that could experience a security breach, allowing cyber criminals to access your data.

2019-2-19 00:19	Op-ed
adrian coinbase icloud keys private your cloud

540 +

BetterHash Protocol Lets Pool Miners Regain Control Over Their Hash Power

One problem that concerns many is the centralization of mining within the Bitcoin ecosystem. Fortunately, there are talented developers working to solve this problem and Matt Corallo, full-time Bitcoin developer at Chaincode Labs, is one of them.

2019-1-26 23:50	Mining
pool block mining betterhash miners pools protocol

538 +

The Truth About 51% Attacks; The ETC Story

Because of recent events, the community is abuzz with the effects and after effects of 51% attacks. For those of us who are uninformed, the Ethereum Classic coin, recently, faced a 51% attack that was pointed out by Coinbase.

2019-1-12 15:54
attacks attack truth effects etc story lot

212 +

Litecoin (LTC) Creator, Charlie Lee: If A Crypto Cannot be 51% Attacked, it is Not Decentralized

Right after news broke that the Ethereum Classic (ETC) cryptocurrency had been the victim of a 51% attack, one twitter user by the name of Crypto Tesla noted that a cryptocurrency has to be open for such attacks if it were to remain decentralized.

2019-1-9 17:11	XRP
crypto decentralized ethereum cryptocurrency one litecoin cannot

251 +

Coinbase Suspends Ethereum Classic Following 51 Percent Attack

Coinbase has ceased interactions with the Ethereum Classic (ETC) blockchain after the exchange detected a 51 percent attack on the network. Following the discovery of a “deep chain reorganization” of the ETC blockchain, Coinbase suspended Ethereum Classic withdrawals and deposits.

2019-1-9 22:10
coinbase classic ethereum percent attack following suspends

232 +

Coinbase Suspends Ethereum Classic Transactions after Double Spend Attack

Shortly after detecting a deep chain reorganization of the Ethereum Classic blockchain (ETC) on January 8, 2019, cryptocurrency exchange platform Coinbase Tweeted that it has stopped all transactions related to the cryptocurrency.

2019-1-8 21:30	security
blockchain cryptocurrency classic ethereum coinbase 2019 transactions

213 +

Coinbase Reports Ethereum Classic [ETC] 51% Attack, Wider Market Remains Unfazed

Coinbase, one of the largest cryptocurrency exchanges in the US, announced on Monday that it had paused all interactions with the Ethereum Classic blockchain after detecting double spends in the network.

2019-1-8 20:44	Coinbase
coinbase ethereum classic cryptocurrency blockchain reports network

230 +

Ethereum Classic Reels From 51% Attack: Double-Spends Reported

Coinbase has frozen trading of Ethereum Classic (ETC) as developers continue to clarify reports that the coin’s network suffered a blockchain reorganization attack. Coinbase, China And ASICs Originally reported as rumors January 6, ETC has since succumbed to a mystery offensive which officials have yet to explain.

2019-1-8 18:00
coinbase etc reported ethereum classic attack following

246 +

Coinbase Halts Ethereum Classic Transactions After the Network Comes Under Attack

CoinSpeaker Coinbase Halts Ethereum Classic Transactions After the Network Comes Under Attack Coinbase took to its Twitter to reveal that its internal developers detected a “deep chain reorganization” of the Ethereum Classic (ETC) blockchain.

2019-1-8 15:32
classic ethereum coinbase under attack halts transactions

206 +

Ethereum Classic (ETC) Double Spend Attack, Over $1 Million Stolen

It is quite hardy that the cryptocurrency community has been faced with a lot of threats in the previous years which seems to not have been abated following the report from one of the largest cryptocurrency exchange Coinbase, that ethereum classic (ETC) which is an ethereum hard fork had suffered a 51% attack.

2019-1-8 14:33	Ethereum Classic
ethereum classic etc attack cryptocurrency exchange spend

242 +

Ethereum Classic [ETC] deep chain reorganization and double spend attack detected by Coinbase; ETC responds

Just recently, Coinbase, the largest cryptocurrency exchange on the planet in terms of users stated that on January 5, the exchange detected a deep chain reorganization of the Ethereum Classic [ETC] blockchain as well as a double spend on the network.

2019-4-3 12:00	News
etc coinbase spend detected ethereum double classic

207 +

Ethereum Classic (ETC) Developers Deny 51% Attack, Double Spend

Cryptocurrency, Ethereum Classic (ETC)–In a bizarre twist for the story developing around Ethereum Classic, developers for the ETC token are now making the claim that the blockchain has not experienced a 51 percent attack, in addition to denying the presence of a double spend.

2019-1-8 06:54
ethereum classic etc double spend developers attack

199 +

Coinbase Detects Deep Chain Reorganization on Ethereum Classic (ETC)

The Ethereum Classic (ETC) allegedly 51% attack continues to generate confusion among market participants. Coinbase, one of the largest cryptocurrency related platforms in the market, wrote in a blog post a few hours ago that it detected a deep chain reorganization of the Ethereum Classic blockchain.

2019-1-8 04:48	News
ethereum classic coinbase market etc deep reorganization

265 +

Coinbase Suspends Ethereum Classic After Blockchain History Rewrites

Ethereum classic's blockchain has been hit by a suspected 51 percent attack, leading to reorganizations of its transaction history.

2019-1-8 23:19
blockchain classic history ethereum leading attack percent

177 +

Coinbase Forced to Suspend Ethereum Classic Trading After 51% Attack

Ethereum Classic, the original unforked Ethereum blockchain, has suffered a 51% attack resulting in nearly half a million dollars worth of double spends according to Coinbase. Coinbase detected the deep chain reorganizations over the weekend, forcing the cryptocurrency firm to freeze all Ethereum Classic transactions on their trading platforms and other products and services.

2019-1-8 23:00	Ethereum Classic
ethereum classic coinbase attack trading suspend forced

270 +

Ten Years Later, a Reflection on Bitcoin’s Genesis and Satoshi’s Timing

October 31, 2008, and January 3, 2009. The two dates have cemented themselves with Promethean significance into Bitcoin’s lore. On the October 31, Satoshi Nakamoto published the Bitcoin white paper, a constitution of sorts for his revolutionary monetary system and its intrinsic currency.

2019-1-3 07:14	Op-ed
block bitcoin satoshi genesis banks network crisis

1033 +

Is ASIC resistance really a good idea for PoW coins? Vertcoin suffered a 51% attack because of it

Vertcoin is under a 51% attack because of its wish for ASIC resistance A Medium post from Mark Nesbitt, security engineer at Coinbase, revealed that Vertcoin is being 51% attacked at the moment. He first describes the 51% attack as a situation in which a malicious node operator who controls over half of the network’s […] The post Is ASIC resistance really a good idea for PoW coins? Vertcoin suffered a 51% attack because of it appeared first on CaptainAltcoin.

2018-12-5 04:03	Crypto Journal
vertcoin attack asic resistance idea pow suffered

216 +

Vertcoin Suffers A 51 Percent Attack

Vertcoin is a lesser known project, but it’s becoming more familiar for all the wrong reasons. You might not know it by looking at the price action, but Vertcoin (VTC) is currently under a 51% attack, with a wave of reorgs and double-spend activity currently unfolding.

2018-12-5 01:10	Mining
vertcoin attack currently suffers percent coinbase security

280 +

Vertcoin 51% Attack Could Have Caused $100K in Double Spending

Vertcoin has been experiencing ongoing 51% attacks, reportedly resulting in $100K of double spending on the network. Rough Couple of Months for Vertcoin In a detailed blog post, Coinbase security engineer Mark Nesbitt revealed that Vertcoin’s network went through repeated 51% attacks, with the largest reorganization having a length of 310 blocks and a depth of 307 blocks which, according to the specialist, may have caused double spends upwards of $100,000.

2018-12-4 13:00
vertcoin double spending 100k caused blocks attacks

181 +

Coinbase takes advantage of Vertcoin (VTC) 51% attack to hit its competitors

This is a guest post by Johter V. Seriaum On the second of December 2018, a double spend attack was performed on Vertcoin. A large amount of ASIC hashrate was rented anonymously through rental services to attack the 4 year old blockchain.

2018-12-3 20:18	Crypto Journal
attack vertcoin coinbase competitors hit advantage takes

170 +

Canada Central Bank: Bitcoin Safe From 51% Attack, Double Spending

Canada’s Central Bank (BOC) released a working paper this month, Incentive Compatibility on the Blockchain. In it, BOC seems to argue the world’s most popular cryptocurrency, Bitcoin, is safe from a 51% attack, double spend scenario through the right incentive structure and proof of work (POW).

2018-7-27 22:45
bitcoin double attack canada central bank safe

296 +

Bitcoin Magazine’s Week in Review: Looking Back to See the Way Ahead

It’s been a turbulent time for the cryptocurrency markets, so now is a good time to reflect on how and why we got here in the first place. First, an op ed makes the ideological case for Bitcoin.

2018-6-16 04:35	Bitcoin
bitcoin tether exchange cryptocurrency dai crypto misconceptions

785 +

New Coinbase Additions: Ethereum Classic and Crypto Index Fund

Coinbase dominated headlines across the space this week with a pair of significant developments. The San Francisco–based exchange announced on Monday, June 11, its intention to add Ethereum Classic to its trading platform and then quickly followed the news on Tuesday with the official opening of a crypto index fund.

2018-6-14 01:32	Startups
ethereum coinbase classic fund index etc when

1194 +

Op Ed: Venmo Offers the Ultimate Cryptocurrency Experience

Venmo could be the ultimate cryptocurrency experience from a user-experience perspective. Any cryptocurrency that seeks to power the future of global transactions must ensure that it is supported by a payment system that is simple, user-friendly and free — like Venmo.

2018-6-11 16:51	Adoption & community

735 +

дальше еще 12 новостей →

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

BNB Perpetual Futures Arrive on Coinbase: What This Means for Traders

Starting April 3, 2025, Coinbase will support BNB perpetual futures, providing traders with leverage opportunities but also introducing risks of increased volatility and market speculation. The post BNB Perpetual Futures Arrive on Coinbase: What This Means for Traders appeared first on BeInCrypto.

Coinbase In Talks to Acquire Bitcoin Futures Exchange Deribit

Coinbase's potential acquisition of Deribit could turn the exchange into a crypto powerhouse by tapping into the highly profitable derivatives market. The post Coinbase In Talks to Acquire Bitcoin Futures Exchange Deribit appeared first on BeInCrypto.

Freysa AI Rallies Nearly 50% As Coinbase Adds FAI to Listing Roadmap

Freysa's listing on Coinbase caused a dramatic price surge, but its future success may depend on overcoming challenges in the struggling AI token sector. The post Freysa AI Rallies Nearly 50% As Coinbase Adds FAI to Listing Roadmap appeared first on BeInCrypto.

Coinbase Launches Verified Liquidity Pools For Institutional and Retail Traders

Coinbase's Verified Pools aim to provide institutional investors with secure, high-liquidity liquidity pools, ensuring compliance and asset control through advanced security features. The post Coinbase Launches Verified Liquidity Pools For Institutional and Retail Traders appeared first on BeInCrypto.

Coinbase Lists Aethir, Causing 8% Price Spike

Coinbase's listing of Aethir (ATH) provides a boost, triggering an 8% price spike. However, market conditions remain challenging, and Aethir needs fresh interest to regain momentum. The post Coinbase Lists Aethir, Causing 8% Price Spike appeared first on BeInCrypto.

SEC Drops the Coinbase Case: What Does It Mean for the Ripple Lawsuit?

The SEC is ending its lawsuit against Coinbase, but Ripple’s case remains open. This signals a potential shift in crypto regulation policies. The post SEC Drops the Coinbase Case: What Does It Mean for the Ripple Lawsuit? appeared first on BeInCrypto.

2025-3-24 18:32

coinbase attack → Результатов: 61

2019-8-11 13:00

2019-8-9 21:17

2019-8-10 16:17

2019-8-9 15:35

2019-8-9 13:48

2019-8-9 12:01

2019-5-31 17:20

2019-4-2 18:26

2019-3-1 17:19

2019-2-19 00:19

2019-1-26 23:50

2019-1-12 15:54

2019-1-9 17:11

2019-1-9 22:10

2019-1-8 21:30

2019-1-8 20:44

2019-1-8 18:00

2019-1-8 15:32

2019-1-8 14:33

2019-4-3 12:00

2019-1-8 06:54

2019-1-8 04:48

2019-1-8 23:19

2019-1-8 23:00

2019-1-3 07:14

2018-12-5 04:03

2018-12-5 01:10

2018-12-4 13:00

2018-12-3 20:18

2018-7-27 22:45

2018-6-16 04:35

2018-6-14 01:32

2018-6-11 16:51

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

Add news: propose for publication, Submit ICO