Inside the $400 million Coinbase breach: An Indian call center and teenage hackers



On May 15, Coinbase revealed that criminals had stolen personal data from thousands of customers, the company's biggest security incident and one that is set to cost $400 million. The breach is notable not only for its scale but for how the hackers went about it: getting overseas customer support agents to share confidential customer records.

Coinbase has responded by publicly announcing that it is putting up a $20 million bounty on the data thieves, who sought to blackmail the company into not revealing the incident. But it has shared only some details about who carried out the attack or how the hackers were able to target agents successfully.

A recent investigation by Fortune, including a review of email messages between Coinbase and one of the hackers, found new details about a loose network of young English speakers. The findings also emphasize the role of so-called BPOs, or business process outsourcing units, as a weak point in the security operations of tech firms.

An inside job

The story begins with a small but publicly held company based in New Braunfels, Texas, called TaskUs. Like other BPOs, it provides customer services to large tech companies at a low cost by using staff abroad. In January, TaskUs let go 226 employees who worked for Coinbase from its service center in Indore, India, according to a company spokesperson.

Since 2017, according to a filing with the Securities and Exchange Commission, TaskUs has provided Coinbase with customer service staff, an arrangement that yields the U.S. crypto giant important savings on labor costs. But there is a catch, of course: when customers email to inquire about their accounts or a new Coinbase product, they are likely talking to an employee overseas. And because these agents earn low salaries compared with U.S. workers, they have proved susceptible to bribes.

“Early this year we recognized two individuals who illegally accessed information from one of our clients,” a TaskUs spokesperson told Fortune, in reference to Coinbase. “We believe that these two individuals were recruited to a wide range of criminal campaigns against this client that also affected many clients.”

The TaskUs firings in January came less than one month after Coinbase discovered the theft of customer data, according to a regulatory filing from the company. On Tuesday, a federal class-action suit filed in New York on behalf of Coinbase customers accused TaskUs of negligence in protecting customer data. “Although we do not comment on litigation, we believe these claims are without merit and intend to defend ourselves,” said a TaskUs spokesperson. “We have placed the highest priority on taking care of the data of our clients and their customers and continue to strengthen our global security protocols and training programs.”

A person familiar with the security incident, who asked to remain anonymous in order to speak candidly, said the hackers were successful with different BPOs, and that the nature of the data stolen varied according to each incident.

The stolen data was not enough for the hackers to break into Coinbase's crypto vaults. But it provided a wealth of information to help criminals pose as Coinbase agents, who then contacted customers and asked them to hand over their crypto funds. The company said the hackers stole the data of more than 69,000 customers, but did not say how many of them fell victim to so-called social engineering scams.

Social engineering scams in this case involve criminals using stolen data to impersonate Coinbase employees and persuade victims to move their crypto funds.

“As we revealed, we recently realized that a threat actor asked overseas agents, and informed users’ customers,”

While social engineering scams that involve impersonating representatives are hardly new, the way the hackers targeted BPOs appears novel. And while no one has clearly identified the culprits, many signs point to a loose network of young English speakers.

‘They’re from video games’

In the days after Coinbase revealed the breach in mid-May, Fortune exchanged Telegram messages with someone who calls himself “Puffy Party” and claimed to be one of the hackers.

Two other security researchers who spoke with the anonymous hacker told Fortune they found the individual to be credible. “Based on what he shared with me, I took his statements seriously and did not find evidence that his statements were false,” said one. Both researchers requested anonymity because they are afraid of receiving subpoenas for speaking with the purported hacker.

In the exchanges, the individual shared many screenshots of what they said were emails with the Coinbase security team. The name they used to communicate with the company was “Lennard Schroeder.” They also shared screenshots of a Coinbase account belonging to a former company executive, showing transactions and many personal details.

Coinbase did not deny the authenticity of the screenshots.

The emails shared by the hacker include blackmail threats for $20 million in Bitcoin, which Coinbase refused to pay, and remarks about buying hair for Brian Armstrong, the company's bald CEO. “We are ready to support a hair transplant to strengthen the world with a new hair set,” the hackers wrote.

In Telegram messages, the man, whose existence Fortune learned of from a researcher, expressed contempt for Coinbase.

Many crypto robberies are carried out by Russian criminals or by military criminals in North Korea, but the purported hacker pointed to a loose affiliation of teenagers and 20-somethings called the “Com,” shorthand for “the Community.”

Over the last two years, mentions of the Comm have cropped up in media reports about other hacking incidents, including a New York Times story earlier this month in which one of the alleged perpetrators of a series of crypto thefts identified himself as a member of the group. And in 2023, hackers identified by investigators as part of the Comm targeted the online operations of a handful of Las Vegas casinos and tried to extort MGM Resorts for $30 million, according to the Wall Street Journal.

Unlike Russian and North Korean crypto hackers, who typically seek only money, Comm members are always looking for the enjoyment of mischief as well. They sometimes work together on an attack but also compete with one another to see who can steal more.

“They came from video games, and then they took their high scores into the real world,” says Josh Cooper-Duckett, a director of investigations. “And their high score in the world is how much money they stole.”

In the Telegram messages, the purported hacker said members of the Comm specialize in different parts of a heist. The hacker's team recruited the customer support agents and gathered the customer data, which they gave to others outside their group to carry out the social engineering scams. They added that various groups associated with the Comm coordinated on social platforms such as Telegram and Discord on how to carry out different parts of the operation and agreed to split the profits.

Sergio Garcia, founder of the crypto investigations company Tracelon, told Fortune that the hacker's description of the Coinbase exploit mirrors his own observations of how the Comm and other social engineering scams operate. The person familiar with the security incident said that the scammers targeting customers in the recent social engineering scams speak English.

TaskUs workers in India are paid between $500 and $700 per month, according to a source familiar with BPO workers' wages. TaskUs declined to comment. Even though that amount is more than India's gross domestic product per person, the low wages of customer support agents often make them easier to bribe, Garcia told Fortune.

“It is obvious that it is the weakest point of the chain, because there is an economic factor for them to accept the bribe,” he added.

This story originally appeared on Fortune.com


