- Binance and Kraken blocked insider attacks using internal security and access controls
- Attackers used bribes and Telegram to target exchange staff, mirroring the Coinbase breach
- Coinbase faces $180M–$400M in costs after insider access led to major customer data leak
Two major cryptocurrency exchanges, Binance and Kraken, reportedly prevented recent social engineering breaches aimed at their customer service teams. These actions averted a security incident similar in nature to the recent Coinbase compromise.
According to reports, the failed attacks involved attackers offering bribes and sharing instructions via Telegram; importantly, these attempts were detected before any customer data was exposed.
Attack Tactics Echo Coinbase Compromise Involving Insiders, Overseas Staff
The attempts focused on persuading support agents at both Binance and Kraken to reveal sensitive user data or allow unauthorized system access. Attackers contacted staff directly, offered money for cooperation, and gave Telegram* handles for more communication. These methods closely match tactics used in the Coinbase breach, where insiders reportedly got paid to release client information.
In Coinbase’s case, attackers used the access of overseas staff, which led to a security incident. The company announced possible costs between $180 million and $400 million for fixes and customer payments. Coinbase since fired the employees involved in that breach. A $20 million payment was also reportedly demanded by the attackers in the Coinbase situation.
Related: Coinbase Data Breach: Brian Armstrong Offers $20 Million Bounty for Intel on Attackers
Binance Credits Internal AI, Data Access Rules for Preventing Breach
Binance said its internal systems, including automated monitoring tools and artificial intelligence-based bots, flagged suspicious interactions early. These tools enabled the exchange to shut down communications before any breach occurred.
The exchange also cited customer data access restrictions, such as limiting access unless a user initiates contact, as a factor in stopping the attempt. Kraken did not publicly detail its internal mechanisms but confirmed that no customer data was lost during the attempted breach.
Coinbase Breach Underscores Rising Insider Threat Risks in Crypto Industry
Coinbase began observing unusual activity as early as January, with reports indicating that rival platforms had already raised concerns in December about possible targeting of high-value clients. The attackers appear to have used the same communication and social engineering playbook across multiple exchanges, indicating a coordinated effort to exploit internal personnel.
Related: Binance’s CZ Criticizes Safe’s Bybit Hack Report as ZenGo Expands TRX Wallet Features
The Coinbase breach has brought renewed attention to insider threat risks within the crypto industry. Law enforcement agencies have been notified concerning the Coinbase incident, and investigations into the broader pattern of social engineering attacks remain ongoing.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
