Connect with us


Coinbase being targeted by ‘unique attack’ highlights how serious attackers are about the cryptospace, claims CISO Martin



Cryptocurrency CEO makes a fraud of $25 million arrested by Dutch Police
Source: Pixabay

Philip Martin, Chief Information Security Officer at Coinbase, recently spoke about a hack which the exchange successfully managed to evade.

According to Coinbase, the highly sophisticated attack began on 30 May, when a dozen Coinbase employees received an email for a certain Gregory Harris, who was supposedly a Research Grants Administrator at Cambridge University. The initial mail was free of any malicious content, while seeming harmless. The mail also came for a legitimate Cambridge domain address. And while certain employees exchanged mails with this email ID, it took a turn for the worse on the 17th of June.

On 17 June, an email laced with malicious codes was sent to Coinbase, the email containing a URL that would automatically install malware in the system, while having the capability to take over the machine. At this point, Coinbase realized that it was dealing with a “unique” attack that involved spear-phishing/social engineering tactics and two Firefox 0-day vulnerabilities.

The blog went on to say,

“The attackers did a good job of creating a sense that the victims were talking to legitimate people using several techniques. Compromised academic emails allowed them to avoid any email filtering or common spam detection, and by spreading the communication out, the attackers modeled normal human behavior. “

The post further clarified that the security team at the exchange was dealing with two separate Firefox 0-day intrusions. One of them allowed the attacker to “escalate privileges from JavaScript on a page to the browser” [CVE-2019-11707], and the other one assisted the intruder to avoid browser sandbox and execute the code on the host system [CVE-2019-11708].

However, Coinbase’s response team managed to act quickly on the matter and the exchange was able to defend its funds after successfully patching both the exploits.

In the aftermath of the attack, Martin made a keen observation. He stated,

What was unique about the attack, was its sheer cost and the unusually high level of effort behind it. It really underscores for me how seriously the attackers are taking the [cryptocurrency] space.”

Where to Invest?

Subscribe to our newsletter

Biraajmaan is a full-time journalist at AMBCrypto covering the US market. A graduate in Automobile engineering, he writes mainly about regulations and its impact with a focus on technological advancements in the crypto space.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *