Another Cryptocurrency Exchange Attacked. Target - Coinbase.

3 min reading
Coinbase rozwiąże problemy zarządzania blockchain?

Cryptocurrency exchanges are often attacked by hackers. An American cryptocurrency exchange, Coinbase, is an example of the exchange that is a victim of such an attack.

The course of the attack

Brian Armstrong revealed that his exchange was attacked in an extremely sophisticated manner. The goal was first of all to access Coinbase systems and acquire cryptocurrencies worth billions of dollars. Hackers used, among others, a method called spear phishing (personalized phishing),that is gathering of information about the victim prior to the attack. The attack commenced on May 30, when many employees of the exchange began to receive emails signed by Gregory Harris of the University of Cambridge. It looked extremely credible, because the content included very specific information. The message was a request for help in the contest in which Harris was taking part in.
This email came from the legitimate Cambridge domain, contained no malicious elements, passed spam detection, and referenced the backgrounds of the recipients. Over the next couple weeks, similar emails were received. Nothing seemed amiss. There was no indication of fraud.
- declares Coinbase. Everything looked composed until June 17, when the sender put in the email a URL that ignited a malicious software after clicking on it. According to Coinbase, within a few hours the security department has located the problem and blocked further attack. The aim of the attack was mainly to trigger action on the Firefox browser, and it suggested MacOS users the installation of the latest version.

The thwarted attack

Despite extremely complicated and extensive ways to attack, Coinbase managed to thwart it completely. In addition to spear phishing, hackers used, among others, zero-day exploit, that is a program designed to take control of the software by detecting an error in it. The mere fact of setting up accounts and a website related to the University of Cambridge is supposed to take a huge effort. We don’t know when the attackers first gained access to the Cambridge accounts,  or whether the accounts were taken over or created. As others have noted, the identities associated with the email accounts have almost no online presence and the LinkedIn profiles are almost certainly fake. Immediately after the discovery of the attacked computer, Coinbase stopped the operation of the entire machine, and in addition closed all accounts to which the emails were sent. Cambridge was also contacted in order to clarify and rectify this matter, as well as to discover more information about hackers.

Waluta Kurs Dokonaj zakupu

Dear customer,

We use cookies to provide our services correctly and safely. Cookies are small text-based data sets that shall be saved on the device you are using in connection with the use of this instnat website. Cookies are created in order to ensure proper functioning of thes instant website. By clicking the button "I accept and go to the website", you implicitly agree to creation of the cookies on your computer and to deploy automatic tracking and data collection and processing on behalf of the Tokeneo TEO OU. Click the above-captioned button is also tantamount to accepting website's privacy policy. Closing the notification by means of "X" is unequivocally connected with your consent. If you do not agree to any of the above, please discontinue using our Website.

“Cookies” shall make an identification of the software used by you and to customization of this instant website to your needs. Cookies contain the name of the domain from which they origin, duration of period of their storage on your computer and an assigned value.

Third party cookies:
We also use third-party cookies for the following purposes:

  • creating statistics - helping to understand the way Users use the Website, which allows to improve its structure and content with use of the analytical tools
  • defining a user profile - in order to display custom-tailored content in advertising networks.

External entities that might be source of any third-party cookies on this instant Website are as follows:

Using a settings of your web browser or by using pre-set configuration tools available in our service you can independently and at any time change the settings concerning your use of the “cookies”, specifying the conditionsof their storage and how your device is creating and downloading them. These settings can be changed to block the automatic handling of cookies in the settings of your web browser or inform about their placement on your device each time.

Detailed information about the options related to use of “cookies” is available in the settings of your software (web browser).

Service privacy policy

This instant document lays out the principles of the Privacy Policy on the tokeneo.com/news/pl website (hereinafter referred to as the "Website" or "Service"). The administrator of the Website is TOKENEO TEO OÜ (an Estonian law limited liability company) with its registered offices in Tallinn (in the province of Harju Maakond), at 19-7K Maakri Street (in the district of Kesklinna Iinnaosa), 10-145 Tallinn, Estonia, registered on 21.12.2018 in the Estonian Business Register under number 14630242, using the EU VAT number: EE102149487.

The full document to read the Tokeneo privacy policy is available in this document.

Advanced settings can be changed in your browser.