Cybercriminals steal funds on Coinbase
Cryptocurrency trading platform Coinbase has reported unauthorised access to user accounts, including access to personally identifiable information (PII), manipulation of account settings and theft of funds from at least 6,000 of its customers.
Coinbase has been unable to conclusively determine how the cybercriminals came to hold the login credentials of those affected, but it has assumed that a flaw in the two-step authentication process of the SMS Account Recovery protocol was involved.
The protocol has since been updated and the stolen money has been reimbursed.
References:
- 24/09/2021 oag.ca.gov Subject: Unauthorized Access to Your Coinbase Account
- 01/10/2021 bleepingcomputer.com Hackers rob thousands of Coinbase customers using MFA flaw
- 02/10/2021 securityaffairs.co Threat actors exploit a flaw in Coinbase 2FA to steal user funds