Connect with us

News

Coinbase being targeted by ‘unique attack’ highlights how serious attackers are about the cryptospace, claims CISO Martin

Mark Prestwood

Published

on

Cryptocurrency CEO makes a fraud of $25 million arrested by Dutch Police
Source: Pixabay


Philip Martin, Chief Information Security Officer at Coinbase, recently spoke about a hack which the exchange successfully managed to evade.

According to Coinbase, the highly sophisticated attack began on 30 May, when a dozen Coinbase employees received an email for a certain Gregory Harris, who was supposedly a Research Grants Administrator at Cambridge University. The initial mail was free of any malicious content, while seeming harmless. The mail also came for a legitimate Cambridge domain address. And while certain employees exchanged mails with this email ID, it took a turn for the worse on the 17th of June.

On 17 June, an email laced with malicious codes was sent to Coinbase, the email containing a URL that would automatically install malware in the system, while having the capability to take over the machine. At this point, Coinbase realized that it was dealing with a “unique” attack that involved spear-phishing/social engineering tactics and two Firefox 0-day vulnerabilities.

The blog went on to say,

“The attackers did a good job of creating a sense that the victims were talking to legitimate people using several techniques. Compromised academic emails allowed them to avoid any email filtering or common spam detection, and by spreading the communication out, the attackers modeled normal human behavior. “

The post further clarified that the security team at the exchange was dealing with two separate Firefox 0-day intrusions. One of them allowed the attacker to “escalate privileges from JavaScript on a page to the browser” [CVE-2019-11707], and the other one assisted the intruder to avoid browser sandbox and execute the code on the host system [CVE-2019-11708].

However, Coinbase’s response team managed to act quickly on the matter and the exchange was able to defend its funds after successfully patching both the exploits.

In the aftermath of the attack, Martin made a keen observation. He stated,

What was unique about the attack, was its sheer cost and the unusually high level of effort behind it. It really underscores for me how seriously the attackers are taking the [cryptocurrency] space.”

Mark is a full-time member of the Editorial team of AMBCrypto. With his five-year experience as a business editor for one of the largest dailies in the US, Mark brings sanity and order to our editorial team. Mark is a business major and loves building automotive parts when he's not working. Email him at mark@ambcrypto.com or editor@ambcrypto.com

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *