Connect with us

Security

Hackers Targeted Coinbase Employees

M. Ali

Published

on

Coinbase revealed that its employees were targeted by sophisticated hack attacks leveraging two Firefox 0-day vulnerabilities, spear phishing, and social engineering.

The attacks started on June 17, where Coinbase’s employees received emails from Gregory Harris, a Research Grants Administrator at the University of Cambridge contained a web link that, when opened in Firefox, would install malware capable of taking over someone’s machine. The attacks were detected and blocked by Coinbase’s security team.

The attackers seems to be highly skilled and experienced in writing exploit codes as they used unpublished Firefox 0-days, they hacked two Cambridge university email accounts, created created a landing page with exploit code at the University of Cambridge official domain and they could bypass Coinbase spam filters.

Coinbase team reached out to Cambridge University to assist in securing their infrastructure and to collect more information about the attacker’s behavior.

Coinbase is a cryptocurrency exchange headquartered in San Francisco, California. Coinbase is considered to be the largest cryptocurrency exchange in USA.

A screen shot from the emails that coinbase stuff received. Image credits to Coinbase

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at [email protected]

Continue Reading
Advertisement
Comments

Altcoins

IOTA Releases an Updated Wallet To Fix Trinity’s Security Vulnerability

M. Ali

Published

on

By

IOTA Hack

IOTA’s team has released an updated version of it’s own Trinity wallet to fix some serious security vulnerabilities that allowed hackers to exploit Trinity wallet that was released by IOTA last summer. The new updates is available for Trinity Desktop, Android and IOS

Almost all IOTA’s users who have opened any version of Trinity (Desktop or Mobile) since the 17th of December 2019 are affected by this attack. Yet, only 10 wallets were hacked if not more.

A Reddit post about the recent attack

Iota team said that they are working with law enforcement and cybersecurity experts to track down the attackers. Yet, IOTA has revealed very few details about the attack.

A large amount of IOTA tokens have been stolen. The team predicts that $300,000 to $1.2 million worth of IOTA has been stolen so far. According to IOTA’s Team, the hack started on or around 25 January 2020 and that only Trinity Desktop users’ seeds were potentially compromised.

IOTA will implement a KYC procedure involving a third party that will enable all users who had their tokens stolen to reclaim them.

What is IOTA?

IOTA is a free and scaleable transaction settlement and data transfer layer for the Internet of Things (IoT). It is based on a novel distributed ledger technology, the Tangle, which overcomes the inefficiencies of current Blockchain designs and introduces a new way of reaching consensus in a decentralized peer-to-peer system.

IOTA USD price chart for the last 7 days:

Continue Reading

Exchanges

Poloniex Exchange Forces Password Reset After an Alleged Data Leak

June G. Bauer

Published

on

Poloniex data leak

Yesterday, Poloniex cryptocurrency exchange sent an email to some of its users alerting them about a potential security breach after an alleged list containing Poloniex’s users email addresses and passwords was posted on twitter, which could be used by hackers to gain access to their Poloniex accounts.

While almost all of the email addresses listed do not belong to Poloniex accounts, we are forcing a password reset on any email addresses listed that do have an account with us, including yours.

the exchange wrote in its email notification to the affected users.
A screenshot of Ploniex’s email

It’s unclear how the email addresses and passwords were posted on Twitter in the first place and what percentage of the leaked data contained current data from Poloniex customers. That left many users bewildered whether the leak is real or not.

The daily trading volume on Poloniex exchange is $138,972,143, which makes it within the top 50 cryptocurrency exchanges.

Last November, TRON founder Justin Sun confirmed that he was one of the investors who acquired Poloniex from Circle group.

Continue Reading

Exchanges

Graviex Blames Malicious DDoS Attack After The Exchange Went Offline

June G. Bauer

Published

on

Graviex-Ddos-Attacks

Mysterious attackers have taken down Graviex cryptocurrency exchange over the last couple of days using DDoS (distributed denial-of-service) attacks.

The DDoS attacks took place on Sunday and Monday, December 29 and 30 , and have targeted Graviex’s main exchange website. During the DDoS, attackers successfully managed to overload two of Graviex’s network providers and managed bring down Graviex’ external connections to other ISPs.

The attackers, which appears to actually own a DDoS botnet contacted Graviex’s team demanding ransom payments,but the exchange refused to pay.

At the time of writing, the exchange now appears to be online and fully functional.

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

Continue Reading

Popular