Exchanges

Hackers steal over 40 BTC from Coinbase within chain of Bitcoin thefts

By Maria Santos

Last Updated: Jan 2, 2018

A string of hacks that targeted Coinbase, the world’s most well-funded Bitcoin wallet, has led to a loss of more than 40 BTC that hit different users of the service.

The main character of this story, reported by The Verge, is Jeff, who lost 10.6 BTC in December of last year (equivalent to around $10,000 at the time). The man, who wanted to keep his last name anonymous, was the victim of a hack and managed to get a refund from Coinbase.

However, a month later, Jeff’s account was attacked for a second time and he lost an additional $7,000, besides his original amount. He was able to save the $7,000, but not the 10.6 BTC, as Coinbase refused to refund him again.

But Jeff is not the only one: there are two other registered thefts that resulted in the loss of $21,000 and more unconfirmed reports at Coinbase’s sub-Reddit.

tumblr_inline_mv3iyxG6Zd1rq0xc0The problem, as researchers from the security firm FireEye told The Verge, is Coinbase’s API key. “Used to let third-party apps access Coinbase accounts, the right API key will let any program move Bitcoins in and out of a given accounts. Once the key is compromised, attackers can even access linked bank accounts to purchase more Bitcoins. Users are advised not to authorize the API key if they don’t need it“, reads the article.

Meanwhile, Coinbase released a statement regarding the matter. “While we have security measures in place that are even tighter than some online banking sites, there are still steps we as a company can take to make Coinbase accounts even more secure than average”, the company said.

“We’ve implemented a number of increased security measures, including expanded two-factor authentication measures designed to help lessen the likelihood of successful phishing incidents in the future. We’ve also added an email verification step for key actions, such as when an API key is enabled”, the statement adds, recalling that it is important for “all customers to exercise caution when clicking links to financial institutions or payment services online”.

Disclaimer Icon
Disclaimer
Crypto is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. You could lose all of your capital.
99Bitcoins may receive advertising commissions for visits to a suggested operator through our affiliate links, at no added cost to you. All our recommendations follow a thorough review process.

Free Bitcoin Crash Course

  • Enjoyed by over 100,000 students.
  • One email a day, 7 days in a row.
  • Short and educational, guaranteed!

Why you can trust 99Bitcoins

10+ Years

Established in 2013, 99Bitcoin’s team members have been crypto experts since Bitcoin’s Early days.

90hr+

Weekly Research

100k+

Monthly readers

50+

Expert contributors

2000+

Crypto Projects Reviewed

Google News Icon
Follow 99Bitcoins on your Google News Feed
Get the latest updates, trends, and insights delivered straight to your fingertips. Subscribe now!
Subscribe now
Maria Santos
Maria Santos
Crypto Writer

Maria is an experienced journalist currently living in the UK. She has been writing about Bitcoin and the altcoin universe since 2013. She is also a member of the Lifeboat Foundation's New Money Systems Board and a big cryptocurrency supporter. Read More

Back to top