The US-based crypto exchange Coinbase says it managed to stop an attack from a sophisticated and highly skilled hacker.
In a new blog post, Coinbase says the hacker began sending emails to more than a dozen of its employees in May. The emails appeared to be from Gregory Harris, a research grants administrator at the University of Cambridge.
“This email came from the legitimate Cambridge domain, contained no malicious elements, passed spam detection, and referenced the backgrounds of the recipients. Over the next couple of weeks, similar emails were received. Nothing seemed amiss.”
However, on June 17, a new email came from the same address, containing a malicious link. Once opened, the link could install malware capable of taking over someone’s machine.
“Coinbase Security quickly discovered that these emails were anything but ordinary — they were all part of a sophisticated, highly targeted, thought out attack that used spear phishing/social engineering tactics and, most importantly, two Firefox 0-day vulnerabilities.
Within a matter of hours, Coinbase Security detected and blocked the attack.”
Coinbase says it reached out to Cambridge to help the university secure its infrastructure. Coinbase also believes it wasn’t the only target. The popular cryptocurrency exchange has reached out to other organizations that could be at risk.
You can check out the full post and details on the planned attack here.