MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed

2021-10-01 20:08

The accounts of at least 6,000 Coinbase customers were robbed of funds after attackers bypassed the cryptocurrency exchange's multi-factor authentication.

The attacker(s) used a flaw in Coinbase's account recovery process to seize the SMS two-factor authentication tokens needed to break into customers' accounts and transfer funds to crypto wallets unassociated with Coinbase.

For customers who use SMS texts for two-factor authentication, the unauthorized third parties had to leverage what Coinbase called a flaw in its SMS account recovery process, in order to receive an SMS 2FA token so as to gain access to accounts.

In a guide on securing accounts, Coinbase recommends enabling MFA authentication using security keys or Time-based One Time Passwords with an authenticator app.

While all MFA solutions can be hacked multiple ways, SMS-based MFA are "Among the most hackable MFA solutions," he said.

Coinbase said that it will deposit funds back into victims' accounts, "Equal to the value of the currency improperly removed from your account at the time of the incident." Some customers have already been reimbursed, the exchange said, promising that customers will receive "The full value of what you lost."

News URL

https://threatpost.com/mfa-glitch-coinbase-customers-robbery/175290/

#glitch #MFA