(Bloomberg) – After cybersecurity, best practices are not always able to prevent human greed.
The scam proved it again by India’s bribery of Coinbase Global Inc. representatives to steal customer data from cryptocurrency companies and then demand a $20 million ransom.
The fraudsters provided cash to Coinbase customer representatives in exchange for the user’s name, address, government ID images and other data, the company said Thursday. They then intend to use illegally obtained information as Coinbase and Dupe customers abandon cryptocurrency.
Coinbase said it detected multiple instances of customer support agents that gather information about information that users don’t need. Then, on May 11, an unknown attacker emailed Coinbase, demanding ransomware payments in exchange for undisclosed information. At that time, it was obvious that the representation was part of the same plan.
Coinbase is now expected to pay up to $400 million to resolve the incident, the company said in a SEC filing.
If the plan sounds familiar, it’s because it’s hard for companies to figure out how to stop employees from accepting cash from side-by-side fraudsters. Matt Cohen, CEO of cybersecurity company Cyberark, said the incident pointed to the “fragility of human entry points”.
“It’s still the weakest connection – the people themselves,” Cohen said. “Whether it’s violated or violated, it won’t change the fact that the vulnerability layer is with people.”
The hacking group Lapsus$ in 2022 made its name by compromising big victims including Microsoft Corp., Okta Inc. and Samsung Electronics Co. The cybercrime spree was so successful in part because the gang made posts in its public Telegram channel offering compensation to employees at tech firms in exchange for their providing data or giving hackers a foothold into corporate networks.
Security researchers at the time told Bloomberg News that the organization’s strategy was “weird”, but this unique approach proved to be very successful.
Sim exchangers also use bribery as a key strategy. The groups contacted the staff of the telecommunications company and persuaded them to hand over control of the phone numbers belonging to others. Accessing the number allows fraudsters to receive text messages and verification codes that can be used to access the victim’s victim account.
Employees at Verizon Communications Inc. and T-Mobile USA Inc. have reported receiving text messages from scammers who promise hundreds of dollars to help them commit fraud.
This bribery continues to succeed because many of the company employees and contractors who work directly with their clients are low-paid and outside the United States. Companies trying to solve the problem need not only to spend on cybersecurity, but experts in particular expect that such violations will become more common.
“Ten years ago, cybercrime organizations were largely unheard of to exploit insider threats, at least monetary,” said Allan Liska, a future threat intelligence analyst at cyber companies. “As these organizations continue to grow and profit from the attacks, they will become better and more effective in connecting with employees, contractors, partners and suppliers and bribery interactions.”
– Assistance with Lynn Doan.
(Update with Cohen quotes starting from the sixth paragraph)
More stories like this are available Bloomberg.com
