Cryptocurrency exchange Coinbase announced that it foiled "a sophisticated, highly targeted, thought out attack" on Thursday.
A blogpost by the company said that in May this year, over a dozen Coinbase employees received an email purporting to be from Gregory Harris, a Research Grants Administrator at the University of Cambridge. A cursory glance showed that the email came from the legitimate Cambridge domain, passed spam detection, and also provided references to the background of the recipients.
However, in June, Harris sent a different email containing a URL that, when opened in Firefox, would install malware that would take over the machine.
The blogpost said, “Coinbase Security quickly discovered that these emails were anything but ordinary — they were all part of a sophisticated, highly targeted, thought out attack that used spear phishing/social engineering tactics and, most importantly, two Firefox 0-day vulnerabilities. Within a matter of hours, Coinbase Security detected and blocked the attack. Here’s how it unfolded.”
The blogpost explained how the potential attackers selected their targets. It said that attackers went through a qualification process and multiple rounds of emails with potential victims, making sure they were high-payoff targets before they directed victims to the page containing the exploit payload. This process commonly spanned weeks and only about 2.5% of the people who received the initial emails ended up receiving a link to the page hosting the 0-day. The attackers did a good job of creating a sense that the victims were talking to legitimate people using several techniques.
Over time, exchanges are getting better at handling mischievous elements in the cryptocurrency sector. In July this year, two Israeli brothers were arrested for hacking the Bitfinex exchange in 2016.
An Israel Police spokesperson said that Eli and Assaf Gigi bagged tens of millions of dollars from their activities. The arrests, the product of a police raid, also turned up a cryptocurrency wallet containing a much smaller sum than the pair are alleged to have stolen.