Nearly 6,000 users have fallen victim to a robbery on Coinbase, one of the largest cryptocurrency exchanges, due to a vulnerability related to account security and two-step verification.
The Bleeping Computer website indicated that Coinbase confirmed the theft information, which occurred between April and May 2021, as discovered by the platform’s security team during its investigations.
According to the report, some users were robbed through malicious emails that allow hackers to access Coinbase email and password information. Two-step vulnerability to theft due to the loophole.
The hackers were able to exploit the vulnerability in order to confirm the authenticity of the data and complete the process of transferring funds from the stolen accounts, where instead of the confirmation messages reaching the original users, the hackers bypassed it and obtained the code in their own way.
Although about 6,000 people were exposed to theft on the platform, no information was announced about the value of the amounts stolen, whether small or large.
Coinbase sent a warning to about 125,000 users in August telling them to change the two-step verification settings on their accounts, but said at the time that the notification was in error. The platform has always recommended its users to take verification apps as their main verification solution and make texting over the phone their last option, and apparently with good reason.