We Love Decentralization

Coinbase customers robbed by hackers using MFA flaw

Although it’s not clear how these threat actors obtained this information, Coinbase suspects it was via phishing campaigns that targeted Coinbase customers in order to steal their account credentials. These have been quite common. The Coinbase bug enabled threat actors access to accounts that were thought to be secure. Therefore, the exchange has been depositing money in the affected accounts to cover the amount stolen. Although we cannot prove it, we suspect that Coinbase customers fell for the phishing scam and gave their Coinbase credentials as well as the verified phone numbers to attackers. In a few cases, attackers were able in some cases to steal the email address and Coinbase credentials of the victim and use them to impersonate that user and receive a two-factor SMS authentication code to gain access to their Coinbase account.\[…]