A user identified simply as GR lost the 200 bitcoins (BTC) he was trying to buy through cryptocurrency exchange Coinbase. It happened after he received an apparent notification that his account was blocked just at the moment when he had completed the purchase of the cryptocurrencies.
The operation had taken 10 minutes to complete, just the time it took a hacker or group of them to seize the $ 10 million in bitcoin that GR was trying to acquire last April, when the price of the cryptocurrency was around $ 50,000. So, desperate, when he received the notification that his account was blocked, he immediately contacted the telephone number that appeared in the notice, not knowing that he had signed his own sentence.
It turned out that the notification allegedly sent by Coinbase was false, and when the user contacted the phone number listed on it, they unknowingly fell into the hands of scammers. It was then that they obtained all the information they needed to access their account and seize the newly purchased BTC.
During the phone call, the victim believed she was speaking with Coinbase customer service and therefore agreed to make changes to her account. With that would have given the attacker (or attackers) permission to change the daily transaction limit and the configuration of alerts to later drain the funds.
A United States federal judge approved a court order to help recover stolen bitcoin funds, according to a complaint filed by the United States Attorney’s Office, seen by Business Insider.
A portion of the stolen funds, equivalent to $ 600,000 apparently were deposited by the scammer (s) into a Huobi exchange account. For that reason, the federal judge would have approved an order to freeze this account until the confiscation procedures are completed, as described in the publication of the aforementioned media.
“No one has been arrested or charged, but our investigation is ongoing,” says the law firm hired by the victim.
Beware of hackers who are thirsty for bitcoin
At the beginning of last month, CriptoNoticias reported that Hackers stole cryptocurrencies from at least 6,000 Coinbase customers. This happened by exploiting a flaw in the multi-factor authentication system, which would have allowed scammers to infiltrate users’ accounts and steal cryptocurrencies.
It happened through a sophisticated massive social engineering attack targeting users of the exchange between March and May of this year, as revealed in a breach notification letter sent by Coinbase to its affected customers. Up to now it is unknown if user G. R is one of these victims.
In a post in his official blog, the company advises that phishing attacks have increased among its customers achieving “a higher degree of success by avoiding the spam filters of certain older email services,” he says.
In Coinbase’s guide on account protection, it is recommended enable multi-factor authentication (MFA) using security keys, time-based unique passwords (TOTP) with an authentication app, or, as a last resort, SMS text messages.