Coinbase hackers exploit multi-factor loophole to steal from 6,000 customers




Bad actors were able to infiltrate accounts and steal cryptocurrency from around 6,000 Coinbase customers by exploiting a multi-factor authentication flaw, according to BleepingComputer. The cryptocurrency exchange told the publication that its security team observed a large-scale phishing campaign targeting its users between April and early May 2021. Some users may have fallen victim to malicious emails, giving hackers access to their usernames and passwords. Worse, even those who had MFA enabled were compromised due to a flaw in the exchange's system.

In the notification [PDF] it sent to affected customers, Coinbase said bad actors took advantage of a vulnerability in its SMS account recovery process. This allowed the hackers to receive the two-factor token that was supposed to be texted to the account owner’s phone number.

On its website, Coinbase recommends two-factor authentication with a security key first, followed by an authenticator app. It lists SMS authentication as a last resort, advising users to lock down their mobile accounts to protect themselves from SIM swap scams or phone port fraud. In August, Coinbase also informed 125,000 users that their two-factor settings had changed, but the exchange said at the time that the notification was sent in error and was not the result of a hack.

In its letter to customers, Coinbase said it corrected its SMS account recovery protocols as soon as it learned of the problem. It is also reimbursing anyone who lost cryptocurrency during the event. Those who have been affected by the hack may want to make sure that all of their other accounts are secure, as the breach also exposed their names, addresses and other sensitive information when their accounts were infiltrated.
