The 2-factor authentication system at Coinbase cryptocurrency exchange turned out to have vulnerabilities. That allowed cybercriminals to steal funds from the wallets of more than 6000 users. This case is not the first cryptocurrency-related emergency involving hackers1 to happen recently.
How did it happen?
It is known so far that the hackers had the users’ names, passwords, and telephone numbers that the accounts were pegged to. This somehow allowed the cyberthieves to override the 2FA system used by the exchange. The verification procedure implies sending one-time passwords to users via SMS.
According to Coinbase’s official response addressed to the victims of the fraud, the robbery was possible due to the leak of at least 6000 users’ names, telephone numbers, and e-mail addresses with access to them.
The attackers took advantage of a breach in the Coinbase account recovery procedure, which genuinely uses the two-factor authentication, not the logging-in process. After accessing the accounts of Coinbase users, cyberthieves transferred their funds to some wallets that did not belong to the exchange.
Coinbase administration has hastily revised and updated the account recovery protocols.
Coinbase is making up its clients’ losses and denies the possibility of its complicity in the data dump, at least the company possesses no evidence of such involvement. It remains unknown how exactly the leak of personal data of the crypto exchange users happened.
User Review( votes)
- News item on Bitcoin.org hacking