Thousands of Coinbase customers just got ripped off in a massive hack
Coinbase is already replacing the stolen crypto for users that were targeted.
Coinbase, one of the largest and well-known platforms for cryptocurrency, suffered a breach that has resulted in upwards of 6,000 users having their cryptocurrency stolen.
As reported by BleepingComputer, hackers used a flaw in Coinbase’s multi-factor authentication (MFA) system to bypass SMS checks and gain access to users’ accounts.
It’s unclear at this time how hackers were able to obtain usernames, passwords, phone numbers, and email credentials to gain access, but BleepingComputer notes that a rise in crypto phishing campaigns for crypto exchanges such as CoinBase could be to blame.
Even with that information, SMS verification should have prevented this, but hackers leveraged an SMS Account Recovery flaw to gain access to the accounts.
It seems Coinbase is trying to avoid as much negative press as possible, with BleepingComputer stating that Coinbase is reimbursing those affected. Some users have already seen funds returned to their accounts.
Coinbase is also recommending that people affected by this update their passwords for both Coinbase and their email and consider switching from SMS verification to something more secure, like an authentication app.
Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.
- Neiman Marcus just announced a hack that affects 4.6 million customers
- T-Mobile’s security is shit according to the hacker that breached its servers
- The latest and greatest Windows 10 hacking tool? A Razer mouse
- Hackers released FIFA 21’s source code because EA didn’t seem to care about the ransom