Nothing in Particular Blog

A Blog About Nothing In Particular

Explore Orion’s new product lineup. Come back regularly to find our new and exciting products to help you navigate the stars!
  • About Me
  • My Account
  • Privacy Policy
  • Required Disclaimer

Coinbase Foils Extortion Attempt

November 30, 2022 by Mars1

Coinbase fended off a blackmail attempt from a malicious actor who threatened to expose customer records if the exchange didn’t pay a $450,000 ransom.

The blackmailer claimed to have access to 306 million decrypted customer records. Upon investigation and communication with the blackmailer, Coinbase’s security team determined that there had been no security breach or theft of customer records.

Coinbase officially claims to have 108 million verified users in more than 100 countries. It averaged 8.8 million monthly active users in 2021.

Coinbase normally collaborates with law enforcement when it comes to illegal activity. However, it did not elaborate on whether it would pursue the law enforcement route in this case.

“This is an absolutely baseless extortion attempt. The individual is falsifying information to come across as legitimate and they’re just trying to extort money out of companies. I’m sure we’re not the first company on their list or the only scam they have running,” Coinbase Chief Information Security Officer Jeff Lunglhofer told Coindesk.

Coinbase did take the opportunity to highlight its bug bounty program, which offers rewards for pinning down potential security holes. It offers rewards ranging from $200 to $50,000 for finding potential issues with its system. It recently added categories like Fraud Loss, Staking Loss, MNPI exposure (also known as “unfair market advantages”), and third-party provider issues.

In the November 30 blog post about its bug bounty program, Coinbase cited a recent case in which Uber’s former chief security officer, Joe Sullivan, was convicted of charges related to the covering up of a $100,000 ransom payment in a similar extortion scheme.

Coinbase cited the extortion attempt as the wrong way to report a bug and receive a bounty. The malicious actor failed to validate the claim and threatened to exploit the alleged bug. The blackmailer also threatened to contact major news sites like Vice and CBS about the allegedly exposed customer records.

Lunglhofer especially cited the need to avoid attempts at extortion when making a bug report, calling it criminal.

“A bug bounty submission can never contain threats or any attempts at extortion. We are always open to paying bounties for legitimate findings,” says Lunglhofer. “Ransom demands are an entirely different matter.”

It’s not like Coinbase would refuse to pay out a properly reported bounty. In the ten years of its bug bounty program, it paid $400,000 in bounties and resolved 600 reported bugs. The largest one went to a researcher who found a vulnerability in its trading interface and received $250,000 in February 2022.

Posted in: Cryptocurrencies Tagged: Coinbase bug bounty, Coinbase extortion attempt

Like Us On Facebook

Like Us onFacebook
online prescriptions

My Twitter

Recommended Products on Amazon

Ivacy VPN
Hilton Hotels
SodaStream USA, inc
Best Buy Co, Inc.
For out-of-this-world savings on astronomy gear, enter the Orion Deal Zone! We've made it easy to shop in one convenient spot for top-notch astronomy equipment at unbelievably low prices. You never know what you'll find in the Orion Deal Zone!
Sam's Club
Fiverr
John Academy
Yummy World Plush Toys by Kidrobot - Free Shipping on USA Orders of $50+ at Kidrobot.com
American National Standards Institute Inc.
Blockchain Certification
Single Origin Coffees From Cafe Britt!

Copyright © 2023 Nothing in Particular Blog.

Shopping WordPress Theme by themehall.com