Coinbase Inc., one of the largest crypto exchanges in the entire industry, has suffered an exploit which it disclosed today in which yet unidentified threat actors were able to obtain access to some 6,000 user accounts that were compromised between March to May earlier this year.
According to initial reports from Bleeping Computer, an information security and technology news publication created in 2004 by Lawrence Abrams, the attackers gathered user account information and then promptly exploited a flaw in Coinbase’s MFA (multi-factor authentication) system procedures to gain unauthorized access to these accounts and transfer funds from these accounts off of the crypto exchange. This attack was based on a “large-scale phishing campaign” according to Coinbase.
“While we are not able to determine conclusively how these third parties gained access to this information, this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor. We have not found any evidence that these third parties obtained this information from Coinbase itself.” the firm stated.
Coinbase has since pledged to deposit funds into affected accounts to compensate for the amounts lost due to the exploit, while also providing free phone support and credit monitoring for affected users.
"We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed -- we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today," Coinbase said.
Coinbase has also disclosed that it will be working with law enforcement to investigate and possibly catch who was responsible for the exploit. The incident, however, is on a minor scale compared to some recent exploits laid down on decentralized finance protocols.
The access to user accounts do not necessarily mean that Coinbase’s internal security system was itself ‘hacked’ or that the exploit constitutes a large-scale and system-wide hack per se, but that because a certain number of users fell for phishing attack, a common attack vector at that, over 6,000 accounts have been compromised as a result, though only from the user’s end.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.