Coinbase, one of the world’s largest cryptocurrency exchanges, announced that 6,000 users’ accounts were emptied last year as a result of the cyber attack. However, Coinbase announced that it had closed the security vulnerability and covered the loss of 6,000 users within 24 hours.
Today, Coinbase officials announced that they were hacked again. This time, however, the attackers’ target was employees’ company login information.
Fortunately, some of the Coinbase employees noticed this attack right away.
In a statement made by Coinbase, it was stated that unidentified cyber attackers sent SMS to some employees via phishing method and asked them to log into their accounts. Some employees realized that this could be a cyber attack and notified the authorities, while others unfortunately fell into this trap. Employees who received their login information by calling the employees using Multi-Step Account Authentication (MFA), entered the system within a few minutes and transferred the login information of the employees to a remote server. Noticing the situation, Coinbase officials quickly took action and managed to repulse the attack.
The officials, who completely changed the login information of the employees, stated that no user’s information was accessed in the attack and that the accounts were safe. Coinbase officials, who survived a serious attack at the last moment, stated that the method used in the attack was the same as the method of the hackers who attacked Cloudflare last year, and announced that they submitted the necessary documents to law enforcement.
In a similar attack on Cloudflare last year, hackers could not be detected, but evidence was obtained showing that the method used belonged to a hacker group called Scatter Swine/0ctopus.
23020
