Coinbase reports 6,000 crypto account hacks after SMS flaw

2021-10-4 13:00

Over 6,000 Coinbase users saw their drained last week as hackers exploited an authentication bug to bypass the company’s SMS security feature, tech publication Bleeping Computer reported.

Coinbase said it would reimburse the stolen amounts to make up for damages and did not report further security breaches as of press time.

The hackers exploited a vulnerability to bypass the SMS authentication feature put in place by Coinbase to ensure user security. They illicitly gained access to user email addresses, passwords, and associated phone numbers, and used this information to log in.

Hackers may have conducted large-scale phishing campaigns to gain access to such sensitive information—said Coinbase—one that unsuspecting users willingly gave out. 

Banking trojan viruses have, in addition, been known to hit Coinbase users in the past.

Inside the Coinbase hit

As part of its security, hackers with access to a Coinbase customer’s credentials and email account are normally prevented from logging into an account if a customer has multi-factor authentication enabled.

However, Coinbase said a vulnerability existed in their SMS account recovery process, allowing the hackers to gain the SMS two-factor authentication token needed to access a secured account.

“Even with the information described above, additional authentication is required in order to access your Coinbase account,” a notification read.

It added, “In this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”

Coinbase patched the bug shortly after it was discovered. Meanwhile, the exchange said it would reimburse the stolen funds directly into the accounts of affected users.

“We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today,” a notice sent to users read.

The post Coinbase reports 6,000 crypto account hacks after SMS flaw appeared first on CryptoSlate.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Speed Mining Service (SMS) на Currencies.ru

$ 1.9622 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $1.9622 - H: $1.9622
Капитализация $205.406k Rank 99999
Доступно / Всего 104.68k SMS

coinbase sms flaw crypto account hacks reports

coinbase sms → Результатов: 10


Шесть тысяч пользователей Coinbase пострадали от действий хакеров

Хакеры обворовали около 6 тысяч пользователей биржи криптовалют Coinbase, обнаружив уязвимость, позволяющую обойти двухфакторную аутентификацию с помощью SMS, сообщает Bleeping Computer. Пострадавшие пользователи на этой неделе получили письмо от биржи, согласно которому с марта по май текущего года злоумышленники провели крупную кампанию по взлому их аккаунтов.

2021-10-4 09:25


Coinbase Promises to Deposit Stolen Funds to At Least 6,000 Hacked Accounts

Cryptocurrency exchange Coinbase, which has about 68 million users globally, disclosed this week that hackers stole from at least 6,000 of its customers. According to a breach notification letter sent by the exchange to affected customers, hackers used a vulnerability to bypass Coinbase’s SMS multi-factor authentication security feature.

2021-10-4 18:08


Фото:

СМИ: хакеры взломали тысячи аккаунтов пользователей Coinbase

Неизвестные хакеры взломали около шести тысяч аккаунтов пользователей криптовалютной биржи Coinbase. Они воспользовались уязвимостью для обхода двухфакторной аутентификации с помощью SMS, пишет Bleeping Computer.

2021-10-2 10:18