Hard News Hard Hitting News Source Global Political News

Cryptocurrency funds removed from 6,000 Coinbase accounts due to flaw in SMS authentication

Cryptocurrency exchange Coinbase has admitted that a fault in its implementation of SMS-based authentication led to the compromise of at least 6,000 user accounts.

In a letter (PDF) to victims, the US-based exchange said that a third-party actor had gained access to Coinbase accounts and removed funds.

The incident, which took place between March and May 20, 2021, was due to a vulnerability in Coinbase's two-factor authentication protocol.

Security woes

Coinbase said that the malicious actors were able to carry out the attack as they had prior knowledge of email addresses, passwords, and phone numbers associated with victims’ accounts.

The company said it is not able to “determine conclusively” how the actors obtained the information, but suggested: “This type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor.”

Coinbase added: “We have not found any evidence that these third parties obtained this information from Coinbase itself.”

Usually, two-factor authentication methods can stop a bad actor from accessing an account even if they have the credentials.

However, a flaw in Coinbase’s SMS-based authentication meant that the attackers were able to bypass this extra line of defense.

Coinbase explained: “For customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”

Data breach

The company also warned that the third party could have had access to all information in the affected accounts, which could include the victim’s full name, email address, home address, date of birth, IP addresses for account activity, transaction history, account holdings, and balance.

In the letter, Coinbase said it has “updated” its authentication protocols, but urged users to switch to using an authentication app or hardware security key.

Customers were also told that they will be reimbursed for any lost funds.

Source: https://portswigger.net/daily-swig/cryptocurrency-funds-removed-from-6-000-coinbase-accounts-due-to-flaw-in-sms-authentication
