Coinbase becomes the target of a sophisticated phishing attack
Popular crypto exchange Coinbase is the latest victim of hackers. Hackers succeeded in breaching the system, but the company detected them before they could cause any serious harm. Coinbase claims that customer funds and data are safe.
Coinbase claims that ‘0ktapus’ hackers were behind this attack. This is the same hacker group that targeted Twilio, Cloudflare, DoorDash, and many more companies last year.
Hackers sent out five phishing SMS messages to Coinbase employees to trick them. The SMS included the fake login page of the Coinbase corporate portal. One of the employees fell for this and gave the login credentials. Thankfully, the account was protected with multi-factor authentication.
After the hacker failed to log in, he called the employee claiming to be from the Coinbase IT team and asked him to login into their system. In this process, the hacker was able to see the dashboard of a small number of internal Coinbase communication tools and got access to limited employee contact information.
Coinbase claims that its security team responded quickly and prevented access to internal systems or data after detecting unusual activity. However, the company confirmed that the hacker managed to obtain some limited contact information for Coinbase employees, including names, email addresses, and phone numbers.