Attackers tricked a Coinbase user into giving them access to the account, then stole 200 bitcoin in a matter of minutes. Tracking the bitcoin funds has proved problematic, and US investigators only managed to find and freeze around $600,000.
Bitcoin buyers are a lot more knowledgeable about cybersecurity, or at least more aware of possible dangers, especially when dealing with large sums of money. Or, at least, that’s what most people would believe. Tricking someone with just a notification in this situation seems impossible. As the US Attorney’s Office in Los Angeles showed, it can happen to anyone.
According to a Business Insider report, the buyer, identified as G.R., received a notification shortly after buying the 200 bitcoin. It’s unclear if the notification was on a phone or computer. Like all such messages, it sought to trick the user with something urgent. In this situation, G.R. was informed that the account had been locked, and the attackers provided a phone number.
The victim called the number, believing that a Coinbase representative would respond. A person identified in the court documents only as UI-1 answered and directed G.R. to make some changes to the account that actually provided attackers with remote access to the Coinbase account.
“Once granted access to the Victim Account, UI-1 increased the daily transaction limit and also attempted to deactivate certain notifications and alert settings on the Victim Account,” noted Dan G. Boyle, assistant US attorney in the court documents.
According to the submitted complaint, “the total value of virtual currency transferred out of the Victim Account between 2:02:40 PST and 2:12:41 PST on or about April 20, 2021, without G.R.’s authorization was approximately $11,570,138.”
Following the trail of the transaction was difficult for authorities, as the attackers started to transfer funds from one account to another. A fraction of the stolen funds, 10.2 Bitcoin, ended up at Huobi Global, a large crypto exchange service. Following a warrant issued by US federal judge, Huobi Global agreed to freeze the funds until the investigation is complete.
The rest of the funds are yet to be found, and the investigation is ongoing.