in

Hackers exploit MFA flaw to steal from 6,000 Coinbase customers — Report

Hackers exploit MFA flaw to steal from 6,000 Coinbase customers — Report



View Reddit by C4-POView Source

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

5 Comments

  1. This is not crypto related. It’s possible because the hackers are able to do a SIM swap and intercept the 2FA. When that occurs they can have access to any accounts that have 2FA . You need to work with your wireless provider to secure your account to lock down SIM swapping.

  2. TLDR: Over the spring 2021 quarter, the “lost password / lost 2FA” workflow was found lacking. Attackers who had successfully performed an email hack, sim swap, or phish on the user was able to elevate this access to a coinbase account take over.

    Takeaway: Stop basing your coinbase security on insecure email or SMS providers. Learn how to spot phishing.

    [It’s been known](https://www.reddit.com/r/CoinBase/comments/ogz2z7/) that these recovery workflows were weak for months. IMHO, they should remove the recovery workflows completely and make it like HW wallets. You lose your secrets, it’s on you. No bail out.

What do you think?

Mid Post Ads

Almost $2B Staked in Axie Infinity: AXS Skyrockets 130% Weekly to a New ATH

XRP Price Could Extend Correction Before Fresh Rise!

XRP Price Could Extend Correction Before Fresh Rise!