Crypto exchange Coinbase says at least 6,000 customers had funds stolen from their accounts in phishing attack

Coinbase
  • Coinbase said funds were stolen from atleast 6,000 customers due to a phishing attack that took place between March and May.
  • Some customers may have fallen victim to a phishing campaign and turned over their credentials to attackers, a spokesperson told Insider.
  • The crypto exchange said it is reimbursing customers for any lost value.
  • Sign up here for our daily newsletter, 10 Things Before the Opening Bell.

Coinbase has informed customers about a wave of phishing attacks in which a third-party gained access to accounts on the crypto exchange, leading to funds being stolen from about 6,000 customers.

“Unfortunately, between March and May 20, 2021, you were a victim of a third-party campaign to gain unauthorized access to the accounts of Coinbase customers and move customer funds off the Coinbase platform,” the company wrote, according to a customer notification seen by Insider on Friday. “At least 6,000 Coinbase customers had funds removed from their accounts, including you.”

A Coinbase spokesperson told Insider the company’s security team found a large-scale phishing campaign that showed “particular success in bypassing the spam filters of certain, older email services.”

Coinbase said it took immediate action to mitigate the impact of the fraud by working with external partners to remove the sites when identified, and notifying email providers that were impacted.

“Unfortunately we believe, although cannot conclusively determine, that some Coinbase customers may have fallen victim to the phishing campaign and turned over their Coinbase credentials and the phone numbers verified in their accounts to attackers,” the spokesperson added.

Third parties first gained access to the email address, password, and phone number of the affected Coinbase customer in order to access to enter their accounts. The company said it wasn’t sure how third parties got this access, and that it could have happened either through a phishing attack or another social-engineering technique.

“We have not found any evidence that these third parties obtained this information from Coinbase itself,” the notice said.

In order to access a Coinbase account, two-factor authentication is also required. But in this incident, for customers that use SMS texts for authentication, the third party was successful by taking advantage of a flaw in the company’s SMS Account Recovery process.

“Once in your account, the third party was able to transfer your funds to crypto wallets unassociated with Coinbase,” the notice said.

Coinbase updated its SMS Account Recovery protocol on learning about the attacks, and said it would deposit funds of the same value lost back into customer accounts.

“We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed — we will ensure all customers affected receive the full value of what you lost.”

Read More: Alex Thorn went from being Fidelity’s ‘bitcoin viking’ to leading Galaxy Digital’s research team. He explains why investors shouldn’t ignore the lightning network – and which networks are the most undervalued right now

Read the original article on Business Insider

Sites pushing suspected dogecoin scams have skyrocketed in lockstep with the meme token’s nearly 4,000% rise this year, study shows

Dogecoin and other gold coins on black background
Cryptocurrencies that are set to see the most growth are backed by strong fundamentals

Sites pushing suspected dogecoin scams have skyrocketed in 2021, rising in lockstep with the meme token’s nearly 4,000% rally since the beginning of the year.

Domain registrations relating to dogecoin – or some semblance of the cryptocurrency’s name – jumped 744% from January to May, according to data from cybersecurity firm BrandShield.

In January 2021, only 143 domains were tagged as suspicious registrations compared to the 1,207 in May. Just 25 registrations were identified in December 2020, a year before the joke crypto token began its astounding surge.

Domain registration is the process in which a person or a company “reserves” a name on the internet for a specific timeframe.

The suspicious domains that contain the word “dogecoin” tracked by the company are usually used for phishing scams or other kinds of fraudulent online activity, Yoav Keren, BrandShield co-founder and CEO told Insider.

While bitcoin has more suspicious domain registrations at 1,764 as of May 2021, registrations for the world’s largest cryptocurrency by market capitalization actually slipped by 60% from the 4,308 in January.

Ether also saw a similar downward trend, with 286 suspicious domain registrations in May 2021, an 11% decline from the 323 in January.

Domain registrations of bitcoin, ether, dogecoin per month. Data by
Data registrations per month.

Keren said the rise in dogecoin fraud can in part be attributed to prominent figures constantly stirring up social media chatter over the meme token. He singled out Elon Musk.

The Tesla CEO, who appointed himself the DogeFather, is famous for his market-moving tweets, which at one point pushed the price of dogecoin by 25% with a single word.

Apart from the three cryptocurrencies, the Israeli cybersecurity startup looked into six other coins – polkadot, ripple, litecoin, cardano, tether, and stellar – although found that these did not get as much traction as the more famous tokens.

“The problem with the crypto industry, in general, is how it’s an anonymous industry,” Keren told Insider. “So if you’re defrauded, there’s nothing you can do about it. You can’t know who’s behind that wallet, you can’t go back to your credit card company.”

BrandShield also analyzed five cryptocurrency trading platforms – Coinbase, Binance, Bisq, Bitfinex, and CoinMarketCap – and found that these were also popular targets for cybercriminals, who register fraudulent versions of these domains to trick crypto investors.

Coinbase saw the largest number of suspicious domain registrations, according to BrandShield.

In May 2021, the largest cryptocurrency exchange in the US saw suspicious domain registration rise 323% to 585 from just 138 in January.

Binance, the world’s largest cryptocurrency exchange, came in a close second. Suspicious domain registrations rose 123% to 308 over the same period from 138 at the start of the year.

Once the phishing or scam sites are identified, Keren said his firm uses artificial intelligence and machine learning to continue analyzing them, before having his team report these to the relevant service providers.

“As cryptocurrency receives more mainstream coverage, it shouldn’t surprise anyone that cybercriminals are following the money and targeting retail investors,” Keren said.

Read the original article on Business Insider