TronWeekly

Crypto World News

You are here: Home / Archives for Coinbase breach

Coinbase breach

BitMEX Exposes Lazarus Group’s Weaknesses in Thwarted Attack Attempt

by

  • BitMEX thwarts Lazarus Group’s social engineering attack.
  • Investigation reveals flaws in Lazarus’ operational security.
  • At least 10 accounts tied to the malware identified by BitMEX.

BitMEX, a top Bitcoin options trading platform, was able to stop a social engineering attack linked to the Lazarus Group. A BitMEX employee was approached by the North Korean hacking group through LinkedIn, who offered to collaborate on an NFT marketplace. The employee noticed the threat and informed the security team which stopped a possible damage.

BitMEX discovered that the attackers used the malicious code “BeaverTail,” which had been linked to Lazarus by Palo Alto’s Unit 42. The purpose of the code was to collect passwords and IP addresses from the victim’s computer. However, the attackers made a big operational error and failed to cover their original IP address.

The exchange was then able to build a program that tracked the attackers and found new weaknesses in their operation. Investigators found at least 10 accounts that were most likely created to test or develop the malware. The exchange pointed out that the group’s basic phishing was not consistent with their advanced exploitation techniques.

Lazarus Group Continues Attacks on Crypto Exchanges

The Lazarus Group has been a consistent threat to the cryptocurrency sector with many high-profile attacks. The Bybit hack in February is considered the biggest crypto hack ever recorded and is linked to the notorious group. However, BitMEX’s response shows that proactive steps in security are important in the crypto sector.

BitMEX’s security team reported that Lazarus appears to have divided into several groups with different levels of technical expertise. This division could be an attempt to increase the group reach and exploit various weaknesses. The BitMEX attack shows that even those with much experience can make errors when conducting a complex hack.

BitMEX Presses on Hackers As Coinbase and Others Feel the Heat

BitMEX’s fast response stopped further harm and painted a picture of Lazarus’ dynamic methods. The investigation continues, but the company has already identified where the group’s security failed. The investigative results can improve protection from similar attacks in the future.

This case comes after a data breach at Coinbase which let out customer data and could result in big financial losses. The breach has pointed out the need for better cybersecurity in the cryptocurrency space. These events show that exchanges are still at risk, especially because groups like Lazarus are becoming more advanced.

The attack underscores the persistent risks of hacking in the crypto industry.

Related Reading | Cardano (ADA) Price Prediction: $7 Target Possible If Crypto Market Hits $10 Trillion

Coinbase Hacker Resurfaces with $42M BTC Transfer and Troll Comment to ZachXBT

by

  • The Coinbase hacker trolled ZachXBT by sending him a meme video ten days after the Coinbase breach. 
  • So far, there has not been full coverage on Coinbase’s total amount of loss, but some reports have recorded a transfer of about 17,800 ETH into $44.94 million in DAI using THORChain. 

The Coinbase hacker has resurfaced in the crypto space again after transferring $42 million worth of Bitcoin while openly trolling the popular blockchain investigator ZachXBT.

The hacker sent a message mocking ZachXBT through the Ethereum blockchain input data on Wednesday. This happened ten days after Coinbase publicly revealed that they had a security issue that affected more than 69,000 user accounts.

With the Ethereum input feature, the hacker wrote “L bozo,” a slang used to qualify a loser, basically calling him a loser. The message also had a YouTube link to a meme video of NBA legend James Worthy smoking a cigar; the video was also sent to tease the investigator.

ZachXBT went on to share the details of the event on this Telegram channel he called “Investigations.” There he pointed out that the same person or group was behind the earlier Coinbase breach that exposed thousands of users’ private information.

Losses and Liquidation Recorded So Far from the Coinbase Hack

The details of the Coinbase hack are still yet to be fully confirmed, especially in regard to the amount of money that has been lost so far. According to some sources, Coinbase’s loss stands between $180 million and $400 million, especially when the costs of cleanup and paying affected users are put into consideration.

On Tuesday, an report covered on X said that the hacker started turning stolen funds into stablecoins, swapping about 17,800 ETH for about $44.94 million in DAI within two hours. These trades were made using THORChain, a tool that lets users exchange crypto across networks without needing a central service. According to the record, the swap happened with the ETH price at $2,528, with one trade alone changing 9,080 ETH into roughly $22.82 million in DAI.

Screenshot 20250522 175046 X
Coinbase Hacker Resurfaces with $42M BTC Transfer and Troll Comment to ZachXBT 2

source: Doghablaespanol (X)

It’s also important to take note that in February, ZachXBT shared a post on X saying that Coinbase users lost about $300 million every year to social engineering scams.

Read More: Bitcoin Price Surges Past $111K as OKX Rolls Out xBTC on Solana, Aptos, and Sui

Coinbase Launches $20M Bounty Countering Previous Ransom Threat

by

  • Coinbase refused to pay a $20 million ransom after a breach but instead launched a matching $20 million bounty to anyone who would help in convicting the hacker.
  • The hackers bribed overseas support staff to access limited user data, but so far, no passwords or funds were stolen.

Coinbase has taken their bold stand against cyber extortion by refusing to pay a $20 million ransom to unknown blackmailers. Recently, Coinbase faced a platform breach, and some attackers sent a message claiming that they had confidential information about the platform. 

The attack started on the 15th of May, when the CEO of Coinbase, Brian Armstrong, shared that the company received an email where the sender demanded $20 million. According to the email, the hackers warned that they would leak the private details of customers if the platform didn’t pay $20 million in Bitcoin. Instead of giving in, Armstrong made a public statement refusing to make the payments, but instead, he promised to hunt down those responsible.

How the Attackers Got Coinbase Customer Information

According to investigations done within the company, it is said that the attackers managed to get data from a few users by bribing Coinbase customer support services overseas, but the platform later confirmed that no passwords, wallets, or funds were affected. Armstrong also said that Coinbase will pay back all users who lost crypto through this attack. The company is also moving some of its support teams to new places, though Armstrong did not mention which ones will change.

During all of this, the company launched its own $20 million reward for anyone who can help find and convict the criminals. And as of the time of writing, law enforcement is now involved. Coinbase is also improving its safety systems to stop future threats. This move just shows Coinbase’s dedication to customer security and its zero-tolerance approach to digital blackmail. 

More Reading: Treasury Pressured as Democrats Probe Trump’s Shadowy Crypto Ties