Как фишеры Coinbase крадут одноразовые пароли

Недавняя фишинговая кампания, направленная на пользователей Coinbase, показывает, что воры становятся все умнее в подборе одноразовых паролей (OTP), необходимых для завершения процесса входа в систему. Это также показывает, что фишеры пытаются зарегистрировать миллионы новых аккаунтов Coinbase в рамках усилий по выявлению адресов электронной почты, которые уже связаны с активными аккаунтами. Переведенная Google версия ныне не … Читать далее

Florida Man Arrested in SIM Swap Conspiracy

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher, an employee of … Читать далее

Website Glitch Let Me Overstock My Coinbase

Coinbase and Overstock.com just fixed a serious glitch that allowed Overstock customers to buy any item at a tiny fraction of the listed price. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders. In January 2014, Overstock.com partnered with Coinbase to let customers pay … Читать далее

Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years

vDOS — a “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets. The vDOS database, obtained by KrebsOnSecurity.com … Читать далее

SendGrid: Employee Account Hacked, Used to Steal Customer Credentials

Sendgrid, an email service used by tens of thousands of companies — including Silicon Valley giants as well as Bitcoin exchange Coinbase — said attackers compromised a Sendgrid employee’s account, which was then used to steal the usernames, email addresses and (hashed) passwords of customer and employee accounts. The announcement comes several weeks after Sendgrid … Читать далее