Coinbase Attacked By Sophisticated Hackers


Since the moment Bitcoin (BTC) became a high-value asset, criminals, and especially hackers, have been targeting companies and people who hold large amounts of cryptocurrency. Cryptocurrency exchanges have been among the victims of cyberattacks, with millions of dollars' worth of cryptocurrencies being stolen from their hot wallets.

Just recently, Coinbase described how it had been targeted by a very sophisticated attack that aimed to gain access to its systems in an attempt to steal millions' worth of cryptocurrencies. In a blog post, Coinbase's technical team explained how the successful event was carried out by hackers and how the company's security measures reacted in time to prevent any losses.

According to the details shared by Coinbase, the hackers tried a combination of different techniques to access the system, such as spear phishing, social engineering and browser zero-day exploits, although none of them was successful. The attack started weeks ago with many emails being sent on behalf of Gregory Harris, a Research Grants Administrator at the University of Cambridge. The emails contained information about employees' past histories and requested help judging projects competing for an award:

This email came from the legitimate Cambridge domain, contained no malicious elements, passed spam detection, and referenced the backgrounds of the recipients. Over the next couple weeks, similar emails were received. Nothing seemed amiss.

After conversations were established with the staff, the hackers began sending an email with a URL that contained malware capable of taking over someone's machine. Luckily, within hours Coinbase's security team was able to detect and block this attack. According to Coinbase:

The cryptocurrency industry has to expect attacks of this sophistication to continue, and by building infrastructure with excellent defensive posture, and working with each other to share information about the attacks we’re seeing, we’ll be able to defend ourselves and our customers, support the cryptoeconomy, and build the open financial system of the future.