6,000 Coinbase Accounts Hacked

Insured Finance
4 min readOct 9, 2021

--

The Intelligent Insurer #36 — Exchange acknowledges breach and flaw with security authentication protocols

Cryptocurrency exchange Coinbase is the latest victim in what has been a significant series of hacks in 2021. The world’s second largest cryptocurrency exchange disclosed that 6,000 accounts were compromised with Bitcoin successfully being stolen from them. A flaw with the exchange’s two-factor authentication system (2FA) is being blamed.

In the latest Intelligent Insurer, we highlight the details of the security breach and examine how seemingly sophisticated security systems are also vulnerable to breaches. However, we’ll first highlight the development progress we’ve made this past week.

Insured Finance development update

We are fully committed to creating the world’s premier insurance marketplace for digital assets. This past week, we made further progress towards our Alpha release and continued with unit testing our token faucet’s smart contract. In addition, we also achieved the following milestones:

  • We completed our user guide documentation which is now available at this link.
  • We continued efforts to invite 25 users with testnet tokens onto our platform by providing them instructions and a product tour. Users can now leave post-event feedback.
  • We continued developing our front-end stack and integrated analytics dashboards into our product.

Given the sensitive nature of our platform, we’re rigorously testing all features for security and ironing out any bugs as they rise. We remain committed to providing our users with a safe and engaging experience and will continue to keep the community updated about our efforts.

Coinbase users targeted by hackers

In a statement acknowledging the incident, Coinbase detailed that hackers conducted a phishing campaign targeting the exchange’s users between March and May 2021. This is another link in a long chain of events targeting Coinbase users. Previous reports detail increasing phishing activity and malware aimed at compromising user accounts.

(Source: Blog.Coinbase.com)

(Source: Blog.Coinbase.com)

(Source: Blog.Coinbase.com)

The troubling aspect of this hack is that attackers needed to know customers’ email addresses. The phishing emails impersonated the official Coinbase email address and obtained access to user passwords and phone numbers. The exchange reports that it notified email service providers when it noticed the problem earlier this year, but cannot speak to how many people fell victim to these campaigns.

Some security observers speculate that the promise of 2FA protocols might have lulled users into believing they were always protected, despite being targeted in phishing campaigns. Subsequent events proved how mistaken these users were.

Coinbase 2FA at the heart of the attack

Coinbase recommends its users set up multi-factor authentication (MFA) using one time keys delivered via SMS or an app. The exchange recommends authentication apps but acknowledges that SMS can be used as a method of last resort. It was this authentication method that the hackers targeted.

While the details are unclear, Coinbase acknowledges a flaw in their SMS-backed account recovery process protocols. The hackers allegedly used a sim swap service to trick mobile carriers into sending one-time passwords to the hacker’s phones, instead of the user’s. Thus, Coinbase’s 2FA protocols were compromised.

Once breached, hackers had access to personal user information such as their full name, email address, home address, date of birth, IP addresses for account activity, transaction history, account holdings, and balances. Following the discovery of the hack, reports alleged that the exchange was less than cooperative in addressing user concerns.

Coinbase eventually released a statement promising users that they will be compensated for all funds lost. It’s unclear whether the compensation will be in the form of fiat money or cryptocurrency. The former could lead to tax implications for users if the value of their holdings rose in the interim, giving them further headaches to combat.

Digital asset insurance as a solution

Some hot takes in the crypto world have noted that the hack is old news and that all flaws have been addressed. However, this doesn’t account for the damages that investors have suffered. It also exposes how seemingly sophisticated 2FA protocols have a weak link that ordinary investors cannot begin to evaluate.

(Source: Twitter.com)

Insurance solutions like Insured Finance become increasingly attractive in light of major exchanges like Coinbase being successfully hacked. Anyone who secured insurance on the Insured Finance marketplace would be eligible for compensation given the successful exploit.

About Insured Finance

Insured Finance is a decentralized, peer-to-peer insurance marketplace. Insured Finance users can request customized insurance on a wide variety of digital assets. Those that fulfill requests earn premiums and can earn a competitive return on their capital. Claims are fully collateralized and settled instantly.

--

--

Insured Finance

A decentralized P2P insurance marketplace with easy claims and instant payouts. Powered by Polkadot.