Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

2023-02-21 10:13

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees.

One employee is said to have fallen for the scam, who entered their username and password in a fake login page set up by the threat actors to harvest the credentials.

"After 'logging in,' the employee is prompted to disregard the message and thanked for complying," the company said.

Undeterred, the threat actor called the employee claiming to be from the Coinbase corporate Information Technology team and directed the individual to log into their workstation and follow a set of instructions.

Coinbase did not elaborate on the exact instructions the threat actor gave to the employee, but urged other companies to be on the lookout for potential attempts to install remote desktop software such as AnyDesk or ISL Online as well as a legitimate Google Chrome extension called EditThisCookie.

Coinbase further noted that the attack is likely linked to the sophisticated phishing campaign known as 0ktapus that targeted over 130 companies, including Twilio, Cloudflare, MailChimp, and Signal, among others, last year.

News URL

https://thehackernews.com/2023/02/coinbase-employee-falls-for-sms-scam-in.html

#attack #scam