Security News > 2021 > October > How a phishing attack thwarted MFA to steal money from Coinbase customers
That lesson was hammered home through a recent phishing attack that stole money from Coinbase customers.
The attackers were able to move funds from Coinbase to their own accounts, thus stealing a vast amount of money in the form of cryptocurrency.
Impersonating Coinbase, one of the the phishing messages told the user that someone else may have had access to their account, thus prompting Coinbase to lock it.
After gaining access to the victim's inbox and Coinbase account, the attackers in some cases used that information to impersonate the user, get an SMS-based two-factor authentication code and access the person's Coinbase account.
Though the attack worked by tricking users with a phishing message, Coinbase bears a core level of responsibility.
In its post, Coinbase admitted to a flaw in its SMS account recovery process, a flaw that the attackers were able to exploit to gain access to certain accounts.
News URL
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)