Coinmama Hacked 450,000 Users Affected in Massive Worldwide Breach

Tamilson

hero member

Activity: 1022

Merit: 503

Quote from: bitfocus on February 16, 2019, 09:34:45 AM

shit! are the funds secured? any casualties ( i mean fund casualties)?

The report says that no funds were stolen and it's all safe. And no usernames and passwords leaked on the darkweb, good thing coinmama immediately act as they urgently advice their users to change their password.
So if you guys use it before to buy bitcoin better to change your password immediately and yes a 2fa. And better to link your account to email address for added security.

Better be safe than sorry.

Zalaster

member

Activity: 308

Merit: 13

Quote from: kkgfhj123 on February 16, 2019, 08:13:24 AM

Few precautions after serious of hacks(cryptopia, localbitcoin, coinmama) :
1. Please avoid keeping your funds in exchanges
2. Use hardware wallet
3. Do not share your private key
4. Prefer using non-custodial exchanges like CoinSwitch, Changelly etc.,
5. Avoid KYC as much as you can.

I absolutely agree with you. Keeping funds in your account is risky, so lately I prefer services without registration. I had problems blocking my Bittrex account, which made me look for new ways. I use Binance as well, but I don’t keep a lot of funds there. Also used CoinSwitch and ChangeNOW. As for KYC, you can avoid it by making small exchanges (~1 BTC)

magneto

hero member

Activity: 1666

Merit: 753

Quote from: kkgfhj123 on February 16, 2019, 08:13:24 AM

Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017.

This comes as part of a larger breach affecting 24 companies and a total of 747 million user records.

https://www.ccn.com/breaking-major-crypto-brokerage-coinmama-hacked-450000-users-affected-in-massive-worldwide-breach

Few precautions after serious of hacks(cryptopia, localbitcoin, coinmama) :
1. Please avoid keeping your funds in exchanges
2. Use hardware wallet
3. Do not share your private key
4. Prefer using non-custodial exchanges like CoinSwitch, Changelly etc.,
5. Avoid KYC as much as you can.

Yikes. That's a big breach.

All the points that you made are excellent and I think that anyone who is using an exchange should follow them. As you said, I usually don't do KYC unless there is an absolute need to, because of the fact that you never know who your information is going to be shared with, whether it's going breached (even though this breach apparently only involved usernames and passwords). Also, use different passwords each time you sign up to something and keep track of what sites you're signing up to. That way, your other accounts won't be affected when a breach occurs.

However, I wouldn't consider non-custodial exchanges to be failsafe. They are also risky in terms of forcing you to take KYC, but they do give your funds instantly if the transaction does go smoothly. As long as no funds are stored on an exchange for an extended period of time, usually there are no issues.

I think that monetary losses on Coinmama's end are inevitable, even though they may not be reported now. I doubt the attacker only wants to sell the information when he can get much more from hacking into the accounts and withdrawing. Hopefully Coinmama is taking appropriate action.

bL4nkcode

copper member

Activity: 2142

Merit: 1305

Limited in number. Limitless in potential.

I wonder if this password hashes are possible to decrypt by brute force method.

To all who has an account of any exchange site always use a layered security, enabling 2fa and strong combination of password is a best practice.

jossiel

hero member

Activity: 2842

Merit: 625

I'm not a customer of coinmama but these hacks do happen recently. They are targeting each of these popular exchanges and if someone there hasn't changed your password or doesn't implement 2FA with your accounts, follow what Lucius has been suggesting.

Quote from: Lucius on February 16, 2019, 10:10:53 AM

Users who not use 2FA could be particularly vulnerable, so it is best to change password and enable 2FA as soon as possible.

icalical

sr. member

Activity: 1358

Merit: 268

Graphic & Motion Designer

Quote from: kkgfhj123 on February 16, 2019, 08:13:24 AM

Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017.

This comes as part of a larger breach affecting 24 companies and a total of 747 million user records.

https://www.ccn.com/breaking-major-crypto-brokerage-coinmama-hacked-450000-users-affected-in-massive-worldwide-breach

Few precautions after serious of hacks(cryptopia, localbitcoin, coinmama) :
1. Please avoid keeping your funds in exchanges
2. Use hardware wallet
3. Do not share your private key
4. Prefer using non-custodial exchanges like CoinSwitch, Changelly etc.,
5. Avoid KYC as much as you can.

These precautions are not applicable for traders, we mostly keep a quite amount of money in exchange so we can execute trade order immediately. For trader the thing that we need to avoid is to register using the same email and password that is registered in our exchange platform.

The most common way to get our email and password is by making fake giveaway or airdrop, and ask people to register using email and password, some of us still using the same email and password for every kind of situation. We should not do that

hugeblack

legendary

Activity: 2506

Merit: 3645

Buy/Sell crypto at BestChange

Quote from: Lucius on February 17, 2019, 07:39:56 AM

The reports say this is the same hacker who hack some sites before and selling them on dark web for 20 000$ in bitcoin. Now he is asking 14 500$ for data hacked just few days ago. Considering amount of data it sells them pretty cheaply, but he/she still need to find buyer.

Add to that the seller sells data based on the user data and the difficulty in cracking password hashes, which means you are safe if you modify the password quickly.
The reason for the hacking does not seem to have been mentioned at the top, in related to the large number of hacked accounts, read more about that here: https://www.zdnet.com/article/127-million-user-records-from-8-companies-put-up-for-sale-on-the-dark-web/

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

kkgfhj123, what you post is related to crypto malware specifically related to Mac users. Hack of Coinmama and more the 20 web sites is related to hacking of databases, and every user can change passwords to prevent possible hacking of account. I think in this case (with hacked database) 2FA can not be bypassed, and because of that they say that such accounts are safer than those who are only protected with password.

The reports say this is the same hacker who hack some sites before and selling them on dark web for 20 000$ in bitcoin. Now he is asking 14 500$ for data hacked just few days ago. Considering amount of data it sells them pretty cheaply, but he/she still need to find buyer.

Hacker who stole 620 million records strikes again, stealing 127 million more

kkgfhj123

jr. member

Activity: 56

Merit: 4

Quote from: kram31 on February 16, 2019, 10:47:51 AM

Quote

Users who not use 2FA could be particularly vulnerable, so it is best to change password and enable 2FA as soon as possible

Never forget to set 2fa on every account you have!
this will make your 3nd gate of security much strongerm though if the exchange was hacked then i dont think so.
There are so many hacking issues now, i hope there will be bug bounties and security to be done in every exchange like what coinbase is doing now!

Quote

From what is written in the article for now there has been no theft of any cryptocurrency, but users are warned to change their passwords. This is not only site which is report hack, and it seems hacker is found a vulnerability in PostgreSQL database software and stole many databases.

Users who not use 2FA could be particularly vulnerable, so it is best to change password and enable 2FA as soon as possible.

I do not think 2FA will solve the problem for the fullest. There are users who's 2FA was hacked.

Unit 42, the global threat intelligence team at Palo Alto Network, discovered Mac malware that can steal cookies linked to crypto exchanges and wallets.

The Unit 42 team said:

“By leveraging the combination of stolen login credentials, web cookies, and SMS data, based on past attacks like this, we believe the bad actors could bypass multi-factor authentication for these sites. If successful, the attackers would have full access to the victim’s exchange account and/or wallet and be able to use those funds as if they were the user themselves.”

You can refer to the complete news here: https://www.ccn.com/mac-malware-steal-crypto-from-exchanges-wallets

After all such news how can we trust on 2FA. Please share what you think.

kram31

full member

Activity: 791

Merit: 139

Quote

Users who not use 2FA could be particularly vulnerable, so it is best to change password and enable 2FA as soon as possible

Never forget to set 2fa on every account you have!
this will make your 3nd gate of security much strongerm though if the exchange was hacked then i dont think so.
There are so many hacking issues now, i hope there will be bug bounties and security to be done in every exchange like what coinbase is doing now!

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

From what is written in the article for now there has been no theft of any cryptocurrency, but users are warned to change their passwords. This is not only site which is report hack, and it seems hacker is found a vulnerability in PostgreSQL database software and stole many databases.

Users who not use 2FA could be particularly vulnerable, so it is best to change password and enable 2FA as soon as possible.

bitfocus

member

Activity: 532

Merit: 15

shit! are the funds secured? any casualties ( i mean fund casualties)?

kkgfhj123

jr. member

Activity: 56

Merit: 4

Today, February 15, 2019 Coinmama was informed of a list of emails and hashed passwords that were posted on a dark web registry. Our Security Team is investigating, and based on the information at hand, we believe the intrusion is limited to about 450,000 email addresses and hashed passwords of users who registered until August 5th, 2017.

This comes as part of a larger breach affecting 24 companies and a total of 747 million user records.

https://www.ccn.com/breaking-major-crypto-brokerage-coinmama-hacked-450000-users-affected-in-massive-worldwide-breach

Few precautions after serious of hacks(cryptopia, localbitcoin, coinmama) :
1. Please avoid keeping your funds in exchanges
2. Use hardware wallet
3. Do not share your private key
4. Prefer using non-custodial exchanges like CoinSwitch, Changelly etc.,
5. Avoid KYC as much as you can.

Topic: Coinmama Hacked 450,000 Users Affected in Massive Worldwide Breach (Read 173 times)