Two days ago Coinbase detected an attempted attack on its exchange, as explained on Twitter by Philip Martin, member of the security team of the platform.
2/ We walked back the entire attack, recovered and reported the 0-day to firefox, pulled apart the malware and infra used in the attack and are working with various orgs to continue burning down attacker infrastructure and digging into the attacker involved.
— Philip Martin (@SecurityGuyPhil) June 19, 2019
The attack was carried out by exploiting Firefox’s recent 0-day vulnerability and, if it had been successful, the hacker would have had access to the backend network and thus would have had access to the funds of the exchange’s users.
The attack described by Martin targeted one of the employees of the platform from whom the account credentials were stolen in order to access Coinbase.
As the tweet says, it has been possible to block the attack, contain the problem and fix the flaw.
The positive thing is that, at the moment, there have been no signs of compromised accounts. Among other things, the attack has not only targeted Coinbase but also other companies in the crypto space.
Coinbase was able to handle the attack in a very efficient way. Given the gravity of the attack and the flaw, the situation could have been similar to that of Binance of a few months ago, during which 7000 BTC were stolen, equivalent to almost 70 million dollars at the current exchange rate.
