26 C
Mumbai
Sunday, March 3, 2024
HomeCyber AttacksCoinbase Employee Falls for SMS Scam in Cyber Attack

Coinbase Employee Falls for SMS Scam in Cyber Attack

Date:

Related stories

Remote Access Trojan (RAT): Their Types, Mitigation & Removal

Remote Access Trojan (RAT): Their Types, Mitigation & Removal Post...

Chinese Hackers Exploited Barracuda’s ESG Appliances

Chinese Hackers Exploited Barracuda's ESG Appliances Barracuda has revealed that...

China-Linked Budworm Targeting Middle Eastern Telco & Asian Government Agencies

China-Linked Budworm Targeting Middle Eastern Telco & Asian Government...

Most Important Cyber Security Tips 2023

Most Important Cyber Security Tips 2023 Important Cyber Security Security...

Every Business Owner 10 Essential Cybersecurity Facts Must Know

Every Business Owner 10 Essential Cybersecurity Facts Must Know In...

Coinbase Employee Falls for SMS Scam in Cyber Attack

Coinbase Employee Falls for SMS Scam in Cyber Attack.

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees.

The company said its “cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information.”

The incident, which took place on February 5, 2023, resulted in the exposure of a “limited amount of data” from its directory, including employee names, e-mail addresses, and some phone numbers.

As part of the attack, several employees were targeted in an SMS phishing campaign urging them to sign in to their company accounts to read an important message.

One employee is said to have fallen for the scam, who entered their username and password in a fake login page set up by the threat actors to harvest the credentials.

“After ‘logging in,’ the employee is prompted to disregard the message and thanked for complying,” the company said. “What happened next was that the attacker […] made repeated attempts to gain remote access to Coinbase.”

These attempts to log in to the systems using the captured credentials proved to be unsuccessful owing to the multi-factor authentication protections that were enabled for the account.

Undeterred, the threat actor called the employee claiming to be from the Coinbase corporate Information Technology (IT) team and directed the individual to log into their workstation and follow a set of instructions.

“That began a back and forth between the attacker and an increasingly suspicious employee,” Coinbase explained. “As the conversation progressed, the requests got more and more suspicious.”

The company said it was alerted within the first 10 minutes of the attack and that its incident responders reached out to the victim to inquire about the suspicious activity from their account, prompting the person to sever all communications with the adversary.

Coinbase did not elaborate on the exact instructions the threat actor gave to the employee, but urged other companies to be on the lookout for potential attempts to install remote desktop software such as AnyDesk or ISL Online as well as a legitimate Google Chrome extension called EditThisCookie.

It also warned of incoming phone calls and text messages from specific providers like Google Voice, Skype, Vonage/Nexmo, and Bandwidth.

Coinbase further noted that the attack is likely linked to the sophisticated phishing campaign known as 0ktapus (aka Scatter Swine) that targeted over 130 companies, including Twilio, Cloudflare, MailChimp, and Signal, among others, last year.

Found this article interesting then share with your friends.

For cyber security related free consultation click here

Technogeek Online
Technogeek Onlinehttps://technogeek.online
Technogeek Online mission is to be a digital for technical decision-makers to gain knowledge about transformative technology. We deliver essential information on cyber technologies and strategies to guide you as you lead your organizations. We are inviting you to become a member of our community.

Subscribe

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories

LEAVE A REPLY

Please enter your comment!
Please enter your name here