The Impact of Cyberattacks on the Crypto Industry: Evaluating Coinbase Hack and More
- Oktopus Hits Coinbase
- More Than Just a Text Message
- Common Phishing Attacks in Cryptocurrency
- Prevention Keeps Our Wallets Safe
Oktopus Hits Coinbase
Coinbase, an American listed corporation that runs a system for trading cryptocurrencies, was hacked by the use of a social-engineering into the company’s data was accessed. Speculations have it that the hacker is associated with the Oktapus cybercriminal group, which stole and victimized many organizations in 2022.
According to corporate executives, a worker was the target of a hoax SMS text last week and then received a false phone call from the offender. The SMS text, which contained a phishing link and an immediate request for recipients to enter their work accounts, was sent to many employees on February 5.
One receiver clicked on the link and submitted their login information, although the rest of the recipients ignored the message. Nevertheless, because of its strong cybersecurity measures, Coinbase was able to stop the attacker from directly accessing the system, preventing any monetary loss or client data risk.
More Than Just a Text Message
Twenty minutes after receiving the first text message, the hacked staff’s phone buzzed. The person on the opposite end of the line pretended to represent Coinbase corporation IT and asked for help from a colleague.
The unsuspecting victim complied with the hacker’s directives, gaining access to the Coinbase database and reacting to increasingly dubious requests because they were still being taken seriously by the employee as authentic.
A representative from Coinbase named Jeff Lunglhofer claims that IT prevented the attacker from accessing the system because they could not provide the required Multi-Factor Authentication (MFA) keys.
The very first safety mechanism, according to Lunglhofer, accomplished almost nothing to deter the hackers. According to him, 0ktapus is “very relentless and intelligent,” Over the past year, it has been accused of attacking several businesses, including Cloudflare and Twilio, among many others.
Common Phishing Attacks in Cryptocurrency
Cybercriminals frequently use phishing attempts to deceive victims into disclosing financial information, and sensitive material, including private information and login passwords. With the digitized form of the cryptocurrency industry, many crypto users should be vigilant not to fall victim to these few attacks that hackers use to gain access to exchange accounts or wallets.
Email Phishing: Hackers send emails that seem to be from trustworthy cryptocurrency exchanges or wallets but are meant initially to fool recipients into disclosing personal user credentials or secret keys. These emails might feature files infected with malware or links to phony websites.
Through social engineering, hackers may contact victims via chat or platforms on social media to fool people into disclosing personal login information or keys. Additionally, they might make the pretense of being contact center agents or pals who require assistance logging into their sites.
Hackers build bogus websites that imitate trustworthy cryptocurrency exchanges or wallets. The attackers use these websites to deceive users into providing their secret keys or login information, whereby hackers can exploit to acquire the victims’ cryptocurrency.
Prevention Keeps Our Wallets Safe
Watch out for suspicious emails: Never open links or enter confidential info in emails that prompt you to. Also, watch out for phishing telltales like phony email accounts or spelling errors.
By necessitating a second phase of authentication, such as a code delivered to your phone or email, two-factor authentication (2FA) provides an additional layer of protection to your accounts.
Ensure you are at the appropriate webpage before inputting your login information or secret keys. Examine the URL for phishing indicators, such as erroneous domains or additional digits, words, or letters.