A recent blog post from Coinbase made headlines, but the details of how Coinbase foiled the hack attack were missing from the post.
The post revealed that Coinbase had witnessed an attempted sophisticated attack on its computer systems.
Had the attack succeeded, the hacker would have been able to compromise those systems by downloading malicious code (a virus) onto them. Fortunately, the hacking attempt was stopped in time.
The blog post, covering events that took place back in May and June, referred to two Firefox 0-day vulnerabilities. For a layman, "Firefox 0-day vulnerability" is jargon for a loophole in the software which, if left unfixed, allows hackers to penetrate the system.
This correspondence allowed the attacker to make contact with the staff members he or she was targeting. Right after getting in touch with the “high-payoff targets,” the hacker sent another email embedded with a cryptic element.
How Coinbase foiled the hack attack, explained
On 17th June, Harris delivered the second email, which contained a malicious URL. When opened in Firefox, that URL was intended to install malware capable of taking control of someone’s computer, stealing passwords and gaining access to valuable data.
1/ A little more context on the Firefox 0-day reports. On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day firefox sandbox escape, to target Coinbase employees.
— Philip Martin (@SecurityGuyPhil) June 19, 2019
This, however, triggered automated alerts, which ultimately led to the discovery of an exploit. As soon as the exploit was discovered, Coinbase notified Mozilla, the developer of Firefox, about the issue.
This was a “sophisticated, highly targeted, thought out attack that used spear-phishing/social engineering tactics and, most importantly, two Firefox 0-day vulnerabilities.”
Fortunately, everything is safe and protected because of the timely action taken by Coinbase. Above all, unlike in the Binance case, this time the hacker failed to get hold of tons of KYC data.