Coinbase Blocked A Malicious Phishing Attack Targeting Employee’s Funds
- Coinbase was targeted by a malicious attack that couldn’t affect users’ funds
- The exchange remains one of the safest in the market
- Coinbase, one of the most popular crypto exchanges around the world, was able to detect and block an attempt to attack users’ funds. The information was released by zdnet on June 20. Coinbase has never experienced an attack that affected users’ funds, remaining one of the safest exchanges in the market.
Coinbase Blocks Malicious Attack
According to these reports, a recent Firefox zero-day was used in attacks against Coinbase employees rather than the users of the company. Philip Martin, a member of the Coinbase security team that reported the attacks to Mozilla mentioned about it:
“On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day Firefox sandbox escape, to target Coinbase employees.”
If successful, this attack could have gained access to the backend network and be able to access users’ funds from the exchange. This has been used in the past by several attackers in many different exchanges resulting in the loss of millions of dollars in funds from investors.
Philip Martin has also provided more information about this attack on Twitter on June 19. He explained that they were not the only crypto company targeted in this attack. They are also working to notify the other firms that could be affected. Furthermore, they are burning down attacker infrastructure and digging into the attacker involved.
2/ We walked back the entire attack, recovered and reported the 0-day to firefox, pulled apart the malware and infra used in the attack and are working with various orgs to continue burning down attacker infrastructure and digging into the attacker involved.
— Philip Martin (@SecurityGuyPhil) June 19, 2019
It is worth mentioning that a short time ago, Binance, one of the most popular exchanges in the market, was also attacked resulting in the loss of over 7,000 BTC. The platform was also never affected by a hack or an attack, but they were able to refund users with the SAFU fund they have created.
According to CoinMarketCap, CoinbasePro is the 43rd largest exchange in the market with a trading volume in the last 24 hours of $205 million.