Cyberattack Against Coinbase Exploiting Employees Info Countered

Leading US crypto exchange Coinbase recently reported witnessing a cyberattack. Not fatal in monetary terms or compromising users data, though the attack was enough to spread trembles within the company. The company’s cybersecurity team has ensured to tackle the attack in a short time by finding the weak spot and mending it before it could cause any further harm. 

According to Coinbase, an illicit person managed to get away with the login credentials after stealing them from one of the employees. The intention was said to take over the systems of the company through remote access. Given the attack, there was a compromise of employees’ several information. 

Further it noted that the cyber controls of the crypto exchange firm successfully managed to counter the attack and prohibited the direct access of the system. Along with this, there was no harm to the information and funds belonging to the platform’s customers. 

It all Started with an SMS

As the instance was reported, it started on February 5th when several engineers within the company were contacted through text. The “SMS alert” consisted of a note requesting them to read an important message after logging in to respective company accounts. Just like every other phishing or scam text, most employees ignored the message except for one. 

The Coinbase employee opened the link which led him to a phishing page. When asked for credentials, the employee went on to provide it using which the attacker made an attempt to log into internal systems. However the attempt turned out to be a failure given the multi-factor authentication (MFA) protection. 

Following the failed attempt, the attacker changed the strategy and presented himself as an IT team member and tried to make the employee log into the workstation.

However, the computer security incident response team (CSIRT) of Coinbase actively tracked down the activity within ten minutes. The team asked the victim to check if there’s an unusual activities. As soon as the employee found the instance to be fishy, he finished the conversation and blocked the connection. 

No monetary and data loss could make Coinbase relief for now but it could make them ensure better safety measures after dealing with the loopholes.

Cyberattack Is not the Only Threat

Looking around will only get the indication to anyone of increasing scrutiny of financial regulators over the burgeoning crypto industry. Several crypto firms were called out for their activities and offerings which led to regulatory actions. Amidst the rumor of the SEC banning the crypto staking services to retail investors, which was even pointed out by Coinbase CEO Brian Armstrong, prominent crypto exchange Kraken was barred from offering the services. 

In addition, Kraken was charged a hefty fine worth 30 million USD by the financial watchdog. Many crypto firms offer the similar services and Coinbase being the largest publicly traded crypto exchange within the United States is no exception. Citing any possibility of such actions against the company, the company CEO had indicated to take the issue to the US court. 

Nancy J. Allen
Latest posts by Nancy J. Allen (see all)

Source: https://www.thecoinrepublic.com/2023/02/21/cyberattack-against-coinbase-exploiting-employees-info-countered/