As per the latest reports, one of the largest cryptocurrency exchanges in the entire world has faced a hack. According to the history of the exchange, this is the second time the exchange has suffered a hack in a row. The reports suggest that the hackers managed to exploit the multi-factor authentication (MFA) functionality of the company.
After exploiting the functionality and bypassing it, the hackers were able to attack the accounts, and then the funds of several users on the Coinbase platform.
The initial investigation on the matter shows that the hackers managed to hack the accounts of a total of 6,000 users. After gaining access to the accounts of the users, the hackers proceeded with stealing funds from their accounts.
For now, the investigation team from the Coinbase exchange has not provided many details around the exploit. The investigation team has refrained from sharing the total amount of cryptocurrencies that the hackers have managed to steal.
The investigation team has communicated that they are still trying to figure out how many cryptocurrencies the hackers have stolen. The officials from Coinbase have stated that they are looking into the matter and will be providing more details in the coming days.
The firm currently working alongside Coinbase on the matter is Bleeping Computer. Bleeping Computer is also providing information surrounding the matter in order to keep the users up-to-date.
Surprisingly, the exchange has revealed that the hackers had exploited the MFA from March to May of 2021. Bleeping Computer has revealed that in order for the hackers to carry out the hack, the hackers would have needed the credentials of the users. This would have included the phone number, password, and email address of the users.
It is currently not clear how the hackers were able to gain access to such information belonging to 6,000 users. However, the possibility of phishing is not out of the question. In recent years, there have been several cases for Coinbase where users’ information was stolen by the fraudsters through phishing emails.
Therefore, it is highly likely that the hackers might have adopted the strategy in order to carry out their scams and collect users’ information in the process.
The cybersecurity teams at Coinbase have revealed that they have already found the flaw that was used by the hackers to carry out the exploit. Since the discovery, the flaw has been fixed, so no more attacks can be committed using the same flaw.
According to the teams, the hackers were able to find a flaw in the SMS Account Recovery feature that Coinbase had introduced in its MFA. The hackers were able to acquire two-factor authentication access in order to carry out their exploit.