Cryptocurrency giant Coinbase has revealed that at least 6,000 Coinbase customers have had funds withdrawn from their accounts following a recent phishing campaign in which hackers bypassed an SMS authentication feature the company uses to secure accounts.

The phishing campaign was first reported in August, but its magnitude only became clear after a letter the company sent to affected customers began to circulate.

In this letter, Coinbase states that the hackers gained access to the victims' email accounts and then used those compromised accounts to drain these users' cryptocurrency. Although Coinbase requires “two-factor authentication” as a security feature, the SMS version of this feature, which lets users receive a text message to confirm a transaction, failed.

“However, in this incident, for customers who use SMS for two-factor authentication, the third party took advantage of a loophole in Coinbase's SMS account recovery process in order to receive a two-factor authentication token by SMS and access your account,” the letter states.

Coinbase also says it will reimburse people who lost funds as a result of the phishing attack, and that it has already started reimbursing customers. The company did not disclose the total amount the hackers stole.





The incident was not, as some have reported, a hack of Coinbase, as the hackers do not appear to have breached the company's internal systems. Instead, the thefts took place because customers fell for phishing attacks targeting their personal email, an extremely common occurrence.

However, it is unclear why Coinbase took so long to acknowledge these incidents, which took place between March and May. While the company published a blog post earlier this week describing a sophisticated phishing campaign, it did not disclose that hackers had used it to successfully steal from thousands of customers. Coinbase also doesn't appear to have done anything to warn its customer base while the attacks were underway, or even in the months that followed.

According to a spokesperson for Coinbase, the company did not want to interfere with the law enforcement investigation into the incident.

“Due to the size, scope and sophistication of the campaign, we worked with a range of partners, law enforcement agencies and other stakeholders to understand the attack and develop attenuation techniques. We did not feel comfortable disclosing the attack publicly until the correct steps were taken to ensure that it could not be successfully repeated and that it would not compromise the integrity of the law enforcement investigations,” said the spokesperson.

The attacks appear to have been global in nature, as the letter from Coinbase states that it will provide credit monitoring services in “your country of residence”.

Coinbase has also urged its customers to switch to a more secure form of two-factor authentication, such as an external hardware device or an authenticator app.