An incident report posted by Coinbase’s CISO regarding an attack against the cryptocurrency exchange discloses that the attack began with a phishing campaign launched at the end of May. The phishing messages appeared to come from a legitimate domain. Some of the emails contained links that ultimately exploited a pair of then-unpatched Firefox vulnerabilities. Coinbase Security detected and blocked the attack.
Read more on:
– blog.coinbase.com: Responding to Firefox 0-days in the wild
– www.theregister.co.uk: Anatomy of an attack: How Coinbase was targeted with emails booby-trapped with Firefox zero-days