Hackers exploit MFA flaw to steal from 6,000 Coinbase customers — report

Cryptocurrency exchange Coinbase has reportedly suffered another security breach after attackers were able to bypass the company’s multi-factor authentication, or MFA, feature in a coordinated campaign earlier this year. 

The attackers stole cryptocurrency from 6,000 accounts, though the monetary value of the theft wasn’t disclosed, according to a report from Bleeping Computer. Earlier this week, Coinbase reportedly notified affected customers that the theft occurred between March and May of this year.

To gain access to the accounts, the attackers must have known the affected users’ email address, password and phone number. It’s not clear how the attackers obtained this information, though phishing scams targeting exchange users are not uncommon. However, Coinbase did identify a vulnerability in the account recovery process that the attackers exploited to gain access to the accounts:

“ […] in this incident, for customers who use SMS texts for two-factor authentication, the third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account.”

Coinbase, which operates one of the largest crypto exchanges in the world, has received scathing criticism for its poor customer service. As Cointelegraph reported, customers whose accounts were reportedly hacked and drained of funds were unable to access support staff, leading to thousands of complaints against the company.

Related: SEC was the only regulator unwilling to meet with Coinbase: Brian Armstrong

Coinbase’s IPO debuted at $86 billion in April, but the company has been unable to scale its customer service department adequately. In August, the company announced a new support line for customers who believe their account has been compromised.


Cryptovixens Source

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest


Your email address will not be published. Required fields are marked *

Get 20% Discount

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed