Hackers Bypass Coinbase 2FA To Steal Customer Funds

An anonymous reader quotes a report from The Record: More than 6,000 Coinbase users had funds stolen from their accounts after hackers used a vulnerability in Coinbase's SMS-based two-factor authentication system to breach accounts. The intrusions took place earlier this year, between March and May, the exchange said in a data breach notification letter it has filed with US state attorney general offices. Coinbase said the attacks could exploit this bug only if they knew the victim's username and password. "While we are not able to determine conclusively how these third parties gained access to this information, this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor. "We have not found any evidence that these third parties obtained this information from Coinbase itself," the company said. Coinbase said it would reimburse all users who lost funds in these intrusions.

Read more of this story at Slashdot.



from Slashdot https://ift.tt/3l0vtmi

SUBSCRIBE TO OUR NEWSLETTER

“Work hard in silence, let your success be your noise"

0 Response to "Hackers Bypass Coinbase 2FA To Steal Customer Funds"

Post a Comment

ad

Search Your Job