Hackers Targeted Coinbase Employees

Coinbase revealed that its employees were targeted by sophisticated hack attacks leveraging two Firefox 0-day vulnerabilities, spear phishing, and social engineering.

The attacks started on June 17, where Coinbase’s employees received emails from Gregory Harris, a Research Grants Administrator at the University of Cambridge contained a web link that, when opened in Firefox, would install malware capable of taking over someone’s machine. The attacks were detected and blocked by Coinbase’s security team.

The attackers seems to be highly skilled and experienced in writing exploit codes as they used unpublished Firefox 0-days, they hacked two Cambridge university email accounts, created created a landing page with exploit code at the University of Cambridge official domain and they could bypass Coinbase spam filters.

Coinbase team reached out to Cambridge University to assist in securing their infrastructure and to collect more information about the attacker’s behavior.

Coinbase is a cryptocurrency exchange headquartered in San Francisco, California. Coinbase is considered to be the largest cryptocurrency exchange in USA.

A screen shot from the emails that coinbase stuff received. Image credits to Coinbase

M. Ali

Daily cryptocurrency trader, miner, technology enthusiast and a full time IT and security consultant. If you have any questions or comments please feel free to email him at

Recent Posts

LocalMonero Announces 6-Month Shutdown Plan

LocalMonero, the peer-to-peer exchange platform for the privacy-focused cryptocurrency Monero (XMR), will be shutting down… Read More

2 weeks ago

Telecom Giant Vodafone Bringing Crypto to the Masses Via SIM Cards

The major telecom company Vodafone has unveiled an ambitious plan to integrate cryptocurrency wallets directly… Read More

3 weeks ago

No Evidence of Hack, Says Bitfinex CTO Amid Ransomware Gang’s Allegations

In the world of cybersecurity, claims of data breaches can cause significant concern and speculation.… Read More

3 weeks ago

Indian Police Seize 268 Bitcoins Worth $17 Million in Crypto Bust

Indian authorities have seized large sum of bitcoins from a resident of Haldwani, a… Read More

3 weeks ago

Smart Contract Hacking Costs Ex-Engineer $12M and His Freedom

A former senior security engineer was sentenced to three years in prison for executing sophisticated… Read More

1 month ago

Craig Wright’s “Satoshi Nakamoto” Claim Debunked in UK Court Ruling

The mysterious identity of Satoshi Nakamoto, the inventor of Bitcoin, has been burning question… Read More

2 months ago