wry Posted August 9, 2019 #1 Posted August 9, 2019 Crypto coin stalwart Coinbase reported today that it had thwarted a professional and sophisticated effort to hack its accounts. The attack was ongoing since 30 May, and targeted their employees and systems. It targeted the Firefox browser and utilized day 0 vulnerabilities. So serious stuff. The news article summaries the attack but Coinbase posted additional details on their blog. Given Coinbase's importance and high profile, a successful hack would have probably crippled the crypto ecosystem in many countries. This also seems to support other news stories about how crypto firms are being targeted by sophisticated gangs or even nationally sponsored hackers. Very upsetting. Given how serious the attack was on Coinbase, it makes me wonder about other sites that have been hacked. I've often thought it was just the owner running away with the coins, but something this well done just shows how cautious so many sites dealing with crypto have to be. Link to article: https://www.coindesk.com/coinbase-says-it-foiled-a-sophisticated-hacking-attack Link to Coinbase Blog post about the hacking efforts: https://blog.coinbase.com/responding-to-firefox-0-days-in-the-wild-d9c85a57f15b
nattekut Posted August 9, 2019 #2 Posted August 9, 2019 this will always be a critical point for crypto companies. Hackers will always find new ways to find a tiny entrance through the security system. I will always store my largest amounts of crypto on my cold offline wallets or paper wallets. I never trust online wallets even if it is Coinbase or coin payments. they both are huge companies but online wallets will always be less safe than offline storage
CntryBoy Posted August 9, 2019 #3 Posted August 9, 2019 Unfortunately these are the times we live in and I'm sure the attempts will only get larger and more sophisticated as the prices of crypto continue to rise. 21 minutes ago, wry said: I've often thought it was just the owner running away with the coins, but something this well done just shows how cautious so many sites dealing with crypto have to be. I have often wondered that as well. With the millions and millions of dollars at stake within crypto these days, you just never know and can't help to think the worst sometimes.
barbaris Posted August 9, 2019 #4 Posted August 9, 2019 Yes, hackers are developing faster than modern methods of protection and it is extremely difficult to resist them. But it has always been that criminals are more literate and technically equipped than those who are developing defense methods. Coinbase Instead of collecting personal data, thought about protecting this data and users who entrusted their money to them.
Danifilth Posted August 9, 2019 #5 Posted August 9, 2019 Something muddy is happening at Coinbase. The company has accumulated problems, especially in the area of customer support. Lack of response after several unsuccessful attempts to login to your account from different IPs is a problem. They did nothing to warn the user. In addition, they blocked large transfers, but allowed for smaller ones.
Etude Posted August 11, 2019 #7 Posted August 11, 2019 Well much kudos to Coinbase for being able to stop the sophisticated hacking attempt and manage to stand their ground since their userbase is so large that yes if compromised it would be a huge financial disaster for everyone involved except for the hackers.
cryptofly Posted August 11, 2019 #8 Posted August 11, 2019 Cold wallets are the answer to this. It is true that nobody should let their coins in a exchange or wallet when hackers are doing what they do best against the sites holding cryptos. It is not a secret all sites that were hacked in the past, from Mt. Gox which was legendary to the last binance blackmail going on right now. Best think to do is to listen to the experts and get that cold wallet ready and filled with our coins, and only let in the exchanges the specific amount of coins for trading. My opinion.
djonox Posted August 11, 2019 #9 Posted August 11, 2019 I think that if the hacking attempt would have succeeded all the ecosystem of the crypto would have dropped I would think even that the crypto would not have value big things if celas would have succeeded Anyway well played at coinbase for countering the hacking attack
wry Posted August 11, 2019 Author #10 Posted August 11, 2019 2 hours ago, cryptofly said: Cold wallets are the answer to this. I think this is a very good point, but it goes to the heart of how useful is Bitcoin. If you have all your BTC in a cold wallet you can't use it. So this raises the interesting issue of how much of your BTC should you have accessible, sort of like money in your pocket, versus money in a safe place like a bank (?). People keep money in Coinbase they are going to use, e.g. spend or trade with, and if the bad guys can cripple that, then the usefulness of your BTC even if it's held safely, is much lower. I agree with your core point, if you don't control your private keys you don't control your Bitcoin, but at the same time the infrastructure of Bitcoins ecosystem has to be sound. So I was both scared of this effort and very relieved that Coinbase was able to defeat it.
Enzo Posted August 12, 2019 #11 Posted August 12, 2019 That's crazy. I don't use coinbase so gladly I never had anything to worry about but damn, Day 0 vulnerabilities is kinda crazy. I wonder how hard it was to stop?
burgervictor Posted August 13, 2019 #12 Posted August 13, 2019 Although Coinbase is a big company and focuses on the best people in the blockchain world, hacker attacks are inevitable. There are always many good hackers in the world
williamshennie9 Posted August 14, 2019 #13 Posted August 14, 2019 This is great news for people holding their coins in coinbase. Most of the time we only hear about successful hacks that stole x amount of bitcoin. The fact that coinbase stopped this is great news!
BLXN Posted August 15, 2019 #14 Posted August 15, 2019 CB has a pretty deep security field - I recall not too long ago they discovered a 51% attack on the ETC blockchain, and subsequently squashed it as well. Must be a fun job!
wngo123 Posted August 18, 2019 #15 Posted August 18, 2019 Quote The attack was ongoing since 30 May, and targeted their employees and systems. It targeted the Firefox browser and utilized day 0 vulnerabilities. So serious stuff. The news article summaries the attack but Coinbase posted additional details on their blog. It just shows how dangerous operating crypto exchange is. There have been stories in recent years about problems with crypto exchanges. The best solution is never keep money on cryptoexchange. There are not wallets. Deposit money there, do what you need to do and withdraw as soon as possible!!!
675675 Posted September 24, 2019 #16 Posted September 24, 2019 it's scary especially if you have cryptocurrency there
Featured Comment
Archived
This topic is now archived and is closed to further replies.