Coinbase, a leading US-based exchange, recently fell victim to a security breach resulting in the loss of $300,000 to MEV bots. The incident was attributed to a misconfiguration involving 0xProject’s token swap platform.
On August 13, a security researcher known as Deebeez uncovered that Coinbase mistakenly utilized the 0x swapper to approve tokens, a function it was not intended for. This approval granted unlimited access to the tokens accrued as fees in the exchange’s router, creating an opportunity for exploitation by malicious actors.
As a result of this oversight, MEV bots were able to drain Coinbase’s fee receiver account of all accumulated tokens. This incident highlights the vulnerabilities that can arise from misconfigurations in cryptocurrency platforms.
Coinbase’s Chief Security Officer, Philip Martin, confirmed that the breach was an isolated event caused by a recent change to one of the company’s corporate DEX wallets. He reassured users that no customer assets were impacted and that the exchange has taken measures to prevent further losses by revoking token allowances and moving holdings to a new corporate wallet.
This security incident comes on the heels of a previous data breach at Coinbase, where nearly 70,000 user’s personal information was exposed. The perpetrators attempted to extort $20 million in Bitcoin and used stolen data to impersonate company staff in social engineering schemes, resulting in the theft of millions of dollars.
Following the data breach, Coinbase has implemented enhanced security protocols to prevent future attacks and terminated employees involved in the breach. The exchange continues to prioritize the security and protection of user assets in light of these incidents.
Overall, these security breaches serve as a reminder of the importance of robust security measures in the cryptocurrency industry to safeguard against unauthorized access and potential exploitation by malicious actors.