Hackers Steal Cryptos from around 6,000 Coinbase Customers

Friday, 01/10/2021 | 21:32 GMT by Felipe Erazo
  • The attack happened due to a vulnerability in the exchange's SMS multi-factor authentication security feature.
Hackers Steal Cryptos from around 6,000 Coinbase Customers
Coinbase

Coinbase, a US-listed cryptocurrency Exchange , suffered a hacking attack that affected around 6,000 customers who got their cryptos stolen after the threat actors spotted a vulnerability. According to BleepingComputer, citing a notification sent by the firm to its users over the week, the incident took place between March and May 20, 2021.

The vulnerability helped the hackers to bypass Coinbase’s SMS multi-factor authentication feature. In fact, attackers just needed the customers’ email addresses, passwords, and phone numbers to steal their Cryptocurrencies . “While it is unknown how the threat actors gained access to this information, Coinbase believes it was through phishing campaigns targeting Coinbase customers to steal account credentials, which have become common. Additionally, banking trojans traditionally used to steal online bank accounts are also known to steal Coinbase accounts,” BleepingComputer commented.

The flaw allowed hackers to transfer funds to third-party wallets not associated with Coinbase. “We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” a Coinbase spokesperson told Reuters. However, the US-listed company does not believe that information was extracted from the firm itself as of press time.

Victims Compensation

To compensate victims, Coinbase issued the following statement: “We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed – we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.”

Still, it is unclear if Coinbase will reimburse hacked customers with the stolen crypto or fiat currency, BleepingComputer noted. Recently, the US-listed cryptocurrency exchange announced that it would add phone support and deploy a series of measures to strengthen its customer support area at the end of the year.

Coinbase, a US-listed cryptocurrency Exchange , suffered a hacking attack that affected around 6,000 customers who got their cryptos stolen after the threat actors spotted a vulnerability. According to BleepingComputer, citing a notification sent by the firm to its users over the week, the incident took place between March and May 20, 2021.

The vulnerability helped the hackers to bypass Coinbase’s SMS multi-factor authentication feature. In fact, attackers just needed the customers’ email addresses, passwords, and phone numbers to steal their Cryptocurrencies . “While it is unknown how the threat actors gained access to this information, Coinbase believes it was through phishing campaigns targeting Coinbase customers to steal account credentials, which have become common. Additionally, banking trojans traditionally used to steal online bank accounts are also known to steal Coinbase accounts,” BleepingComputer commented.

The flaw allowed hackers to transfer funds to third-party wallets not associated with Coinbase. “We immediately fixed the flaw and have worked with these customers to regain control of their accounts and reimburse them for the funds they lost,” a Coinbase spokesperson told Reuters. However, the US-listed company does not believe that information was extracted from the firm itself as of press time.

Victims Compensation

To compensate victims, Coinbase issued the following statement: “We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed – we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today.”

Still, it is unclear if Coinbase will reimburse hacked customers with the stolen crypto or fiat currency, BleepingComputer noted. Recently, the US-listed cryptocurrency exchange announced that it would add phone support and deploy a series of measures to strengthen its customer support area at the end of the year.

About the Author: Felipe Erazo
Felipe Erazo
  • 1036 Articles
  • 43 Followers
Felipe earned a degree in journalism at the University of Chile with the highest honour in the overall ranking, and he also holds a Bachelor of Arts in Social Communication. In addition, he has been working as a freelance writer and Forex/crypto analyst, with experience gained from several forex broker firms and crypto-related media outlets around the world. He has been involved in the world of online forex trading since 2010 and in the crypto sphere since 2015.

More from the Author

CryptoCurrency