Coinbase Reveals How It Averted A Complex Hacking Attack Seeking To Extract Private Keys And Passwords


Coinbase’s security team has revealed that it managed to stop a complex phishing attack that sought to extract user private keys and passwords.

In an official blog post the crypto exchange giant revealed that the incident involved the exploitation of two 0-day vulnerabilities on the Mozilla Firefox browser.

According to the blog post, the first steps of this phishing attack started in late-May this year. In the beginning, more than 12 employees of the exchange received an email claiming to be from Gregory Isaacs, a Research Grants Administrator of the University of Cambridge.

The email came from a real Cambridge University UK domain and passed the security filters undetected. Within a couple of weeks, the employees received more emails, which easily passed security checks as they did not have any malicious content.

However, the attackers soon changed their tactics. On June 17, the employees received another email. Unlike the emails that came before it, this email contained a URL. Upon opening the URL with the Firefox browser, it installed a malware on the recipient’s computer.

The San Francisco based exchange details that the hackers used compromised academic accounts to send emails.

The initial emails referenced legitimate academic events. Also, the hackers customized them to fit specific profiles of phishing targets. The June 17 move attempted to infect only 2.5 percent of the targets with the URL that hosted the 0-day.

Coinbase claims that its system and one of its employees flagged the email as suspicious. The exchange’s security team then worked quickly to stop the threat.

With one employee ending up clicking the sent URL. At that point the exchange says:

“we revoked all credentials that were on the machine, and locked all the accounts belonging to the affected employee.”

Although the firm does not divulge lots of details on how they stopped the phishing attack, afterward, Mozilla fixed one of the vulnerabilities in the following day and dealt with the other one in the same week.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide