Conceal Threat Alert: Coinbase Employee Compromised via SMS Phishing Attack
Coinbase, a popular cryptocurrency exchange, reported being the victim of an early February cyber attack that highlights the growing threat facing cryptocurrency exchanges and other organizations of all types.
The attack was carried out by sending fake SMS messages that appeared to be from the company’s security team to Coinbase employees. These messages contained links that, when clicked, took the employee to a phishing website that looked identical to the Coinbase login page. The employee would then enter their login credentials. When the attacker was unable to provide a multi-factor authentication token, the attacker called the employee, armed with the credentials provided via the phishing site, and convinced them to take several actions on their device.
Coinbase notified affected customers and says they have taken steps to prevent further unauthorized access. However, this attack highlights the need for increased vigilance when it comes to cybersecurity, especially for companies dealing with sensitive financial information.
In this case, Coinbase claims they quickly identified the attack via multiple layers of security and a vigilant operator in Coinbase’s Cybersecurity Incident Response Team. Ultimately, the cost of stopping the attack was high, when stopping the attack in the browser as soon as the link was clicked could have reserved security resources expended to limit the damage once the link had been clicked.
And Coinbase was lucky. An attack against Twilio by the same threat actors resulted in the loss of customer data. We have reported previously on attacks by other actors utilizing similar techniques that were successful, even against highly technical employees that likely received anti-phishing training.
How can enhanced browser protection prevent these attacks?
ConcealBrowse is a secure web browser extension that protects against malicious websites linked from any source, including messaging applications. ConcealBrowse uses its advanced decision engine to detect and block or isolate malicious websites before they can cause any harm.
The Coinbase attack highlights the threat facing all types of organizations and the need for increased vigilance when it comes to cybersecurity. ConcealBrowse is an important part of any cybersecurity program that can prevent attackers from ever getting a foothold in your network. Click here to try ConcealBrowse today.
Written by: Conceal Research Team