Threat actors are breaching Coinbase accounts through a phishing campaign, bypassing two-factor authentication (2FA) to steal from users’ crypto balances. They use spoofed emails imitating Coinbase and a variety of underhanded tactics to gain credentials and control over accounts. An advanced structure lets them utilize 2FA relay methods to bypass Coinbase’s multi-factor authentication. The stolen funds are then dispersed through multiple transactions across ‘burner’ accounts in an attempt to hide their trail.

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
The U.S. Department of Justice announced punitive action against 16 individuals accused of developing and using DanaBot malware, controlled by a Russian cybercrime organisation. The