Don’t let smishing get you down! Learn how Coinbase employees were targeted by a persistent social engineering attack and how the company’s quick defence protected it from disaster.
Coinbase, one of the largest cryptocurrency exchanges in the world, has reported a cybersecurity incident that targeted its employees with an SMS phishing attack (Smishing) using persistent social engineering tactics.
Coinbase has over 1,200 employees worldwide, and as of 2022, the exchange was home to more than 103 million verified users. This makes the company a lucrative target for small-time crooks and state-based hacking groups such as Lazarus and others alike.
The Text Message
It all started on Sunday, February 5, 2023, when several Coinbase employees received text messages asking them to use the link sent by the attacker for an urgent login. While all recipients ignored the text, one employee logged in with his/her username and password.
With the help of the employee’s login credentials, the attacker attempted to access Coinbase’s internal network. However, since the company had enabled multi-factor authentication (MFA) for employees, the attacker could not bypass the security feature and was unable to proceed further even after several attempts.
While the attacker was unsuccessful in accessing Coinbase’s system, a limited amount of data from the company’s directory was exposed, including names, email addresses, and phone numbers of a limited number of employees.
The Call
Support the originator by clicking the read the rest link below.
