Urgent: The theft of the accounts of 6000 clients of this digital exchange…a loophole and fraud by Investing.com

Urgent: The theft of the accounts of 6000 clients of this digital exchange…a loophole and fraud by Investing.com
Urgent: The theft of the accounts of 6000 clients of this digital exchange…a loophole and fraud by Investing.com

© Reuters

Investing.com – Popular exchange Coinbase has revealed that a party stole cryptocurrencies from its 6,000 customers after using a vulnerability to bypass the company’s SMS multi-stage security feature, BleepingComputer reports.

Coinbase is the second largest cryptocurrency exchange in the world, with nearly 68 million users from more than 100 countries.

Coinbase explained in a notice sent to affected customers that between March and May 20, 2021, a hacker conducted a campaign to hack Coinbase customers’ accounts by stealing their cryptocurrency.

To carry out the attack, Coinbase says the attackers needed to know the customer’s email address, password, and phone number associated with their Coinbase account, and access the victim’s email account.

While it is not known how the attackers gained access to this information, phishing campaigns targeting Coinbase customers to steal account credentials are becoming common. Bank trojans traditionally used to steal online bank accounts are also known to steal Coinbase accounts.

MFA vulnerability allowed access to accounts

Even if the hacker has access to the Coinbase client credentials and email account, they are usually prevented from logging into an account if the client has enabled the multi-stage enablement system.

In Coinbase’s Guide to Securing Accounts, they recommend enabling two-factor authentication (MFA) using security keys, time-based passwords (TOTP) with an authenticator app, or SMS as a last resort.

However, Coinbase notes a vulnerability in the SMS account recovery process, allowing hackers to obtain the two-factor authentication code for SMS needed to access a secure account.

“Even with the information described above, additional authentication is required to access your Coinbase account,” explained the Coinbase customer notice seen by BleepingComputer.

“However, in this incident, for customers using SMS for two-factor authentication, the third party took advantage of a flaw in the Coinbase SMS account recovery process in order to receive the SMS two-factor authentication code and access your account.”

Since Coinbase’s bug allowed threatening actors to gain access to what are believed to be secured accounts, the exchange deposits funds into the affected accounts for the equivalent of the amount stolen.

Cryptocurrency now

  • The price is now 47114.4, an increase of 9.31%.
  • The price of Ethereum 3210.26 increased by 7.85%.
  • 2.2018 price, up 5.72%.
  • The price of 153,969, an increase of 11.29%.
  • The price is 1.01562, an increase of 8.13%.
  • The price of Polkadot is 30,644, an increase of 9.56%.
Explanation of the risks: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn’t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.

Source

Urgent theft accounts clients digital exchangea loophole fraud Investingcom

 
For Latest Updates Follow us on Google News
 

PREV The dollar jumped 7100 pounds during a month… What is the relationship of importers of oil derivatives?
NEXT Increasing oil production will help in a certain reduction in the price of natural gas