Coinbase suffered a social engineering attack that compromised internal data through offshore employees, at an estimated cost of $400 million.
Binance and Kraken were targeted by the same method, but their security systems, notably AI-based ones, reportedly detected and blocked the attack in time.
These attacks reveal a persistent human vulnerability, despite technical protections, and confirm that crypto platforms are priority targets.
After Coinbase, Binance and Kraken Face Attacks
Following the Coinbase scandal, it's now Binance and Kraken's turn to be targeted by sophisticated phishing attempts. According to Bloomberg, the two crypto exchange giants were targeted by cybercriminals through social engineering techniques similar to those that cost Coinbase dearly. This time, the security systems held strong.
Same Method, New Target
The attack followed a well-worn pattern: approaching customer support teams via Telegram and attempting to bribe them for sensitive data such as user balances or addresses. The strategy worked at Coinbase, where offshore employees were bribed to give access to critical information.
At Binance and Kraken, the scenario was cut short. No data theft was reported. Internal mechanisms, including AI-powered detection systems, detected the anomaly in time and thwarted the attack before any leakage.
Coinbase Pays the Price
Revealed in an SEC filing on Thursday, the incident at Coinbase could cost the platform up to $400 million, between repairs and voluntary reimbursements. To find the culprits, the company is even offering a $20 million bounty while refusing to pay the ransom: a strong message sent to the ecosystem.
Fortunately, Coinbase clarified that passwords, private keys, and customer funds were not directly compromised. But the episode raises a burning question: what happens if multiple major exchanges fall into the crosshairs of the same network of cybercriminals?
A Persistent Threat
Bloomberg has not confirmed whether the attacks on Binance and Kraken originated from the same group that hit Coinbase. But the coordination, method, and targets leave little room for doubt: crypto platforms are now on the front line of the most sophisticated digital offensives.
The incident is a stark reminder that the flaw is often neither software nor cryptographic, but human. This time, the vigilance of automated systems and security teams was enough. But the social engineering war is far from over.