黑客贿赂支持人员在隐形攻击中窃取Coinbase用户数据

加密交易所Coinbase（NASDAQ：COIN）在5月15日披露，一群贿赂海外支持代理商帮助网络犯罪分子窃取了用户数据

A group of overseas support agents, who were bribed by hackers, provided the final access to sensitive user data at crypto exchange Coinbase (Nasdaq:COIN) after a group of hackers gained internal customer support access and attempted a coordinated extortion plot.

一群被黑客贿赂的海外支持代理商在一群黑客获得了内部客户支持访问权限并尝试协调的勒索图之后，在Crypto Exchange Coinbase（NASDAQ：COIN）上最终访问了对敏感用户数据的最终访问。

As revealed by the crypto exchange on Monday, the attackers targeted internal customer support systems and gained access to personal information belonging to fewer than 1% of monthly transacting users.

正如加密货币交易所在周一揭示的那样，攻击者针对内部客户支持系统，并获得了属于每月交易用户不到1％的个人信息。

Coinbase confirmed that login credentials, private keys, and customer funds were not compromised. “Cyber criminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks,” the company stated, further noting that no passwords, private keys, or funds were exposed and Coinbase Prime accounts are untouched.

Coinbase证实，登录凭据，私钥和客户资金没有受到损害。该公司表示：“网络罪犯贿赂并招募了一群流氓海外支持代理商，以窃取Coinbase客户数据，以促进社会工程攻击。”

“We will reimburse customers who were tricked into sending funds to the attacker.”

“我们将偿还被欺骗向攻击者汇款的客户。”

The compromised data includes names, addresses, phone numbers, and email addresses. In addition, the hackers obtained masked social security numbers (limited to the last four digits), partially redacted bank account information, government-issued ID images such as driver’s licenses and passports, and account-specific data including transaction history and balance snapshots.

折衷的数据包括姓名，地址，电话号码和电子邮件地址。此外，黑客获得了蒙面的社会保险号（仅限于最近四位数），部分删除的银行帐户信息，政府发行的ID图像，例如驾驶执照和护照，以及特定于帐户的数据，包括交易历史记录和平衡快照。

A limited amount of internal corporate information—like training materials, documents, and communications visible to support agents—was also accessed. However, hackers did not obtain login credentials, two-factor authentication codes, or access to any hot or cold wallets, including Coinbase Prime accounts.

还可以访问有限量的内部公司信息，例如培训材料，文件和通信以提供支持代理商。但是，黑客没有获得登录凭据，两因素身份验证代码，也没有访问包括Coinbase Prime帐户在内的任何热钱包。

After the incident, the exchange said the hackers attempted to extort the company for $20 million to suppress information about the incident.

事件发生后，交易所表示，黑客试图勒索公司的2000万美元，以压制有关此事件的信息。

“They then tried to extort Coinbase for $20 million to cover this up. We said no,” the exchange disclosed.

该交易所透露：“然后，他们试图以2000万美元的价格勒索Coinbase。我们说不。”

“Instead of paying the $20 million ransom, we’re establishing a $20 million reward fund for information leading to the arrest and conviction of the attackers.”

“我们没有支付2000万美元的赎金，而是为导致袭击者被捕和定罪的信息建立了2000万美元的奖励基金。”

In parallel, Coinbase is reimbursing affected users and implementing stronger protective measures. These include new ID checks on large withdrawals, a U.S.-based support center, upgraded security controls, insider-threat monitoring, and simulation testing for internal threats.

同时，Coinbase正在偿还受影响的用户并实施更强大的保护措施。其中包括有关大型提款的新ID检查，美国的支持中心，升级的安全控制，内部威胁监控以及内部威胁的仿真测试。

Notifications have already been sent to affected users, and Coinbase affirmed its commitment to keeping the community informed throughout the investigation. A formal disclosure was filed with the U.S. Securities and Exchange Commission today.

通知已经发送给受影响的用户，Coinbase肯定了其在整个调查过程中保持社区通知的承诺。今天向美国证券交易委员会提出了正式披露。