Cover image
JAN 12, 2024

CoinGecko security breach latest threat within crypto space

by CoinNess Global

The crypto space continues to suffer a disproportionate share of hacks and scams that were further exacerbated on Wednesday, with Malaysian crypto data aggregator the latest to succumb to a security breach.
Serving as yet another stark reminder of the persistent threats plaguing the sector, a phishing scam targeted CoinGecko's X account, leading to a brief compromise that raised concerns about the safety of user information.

Phishing scam

During this incident, hackers posted a phishing link on CoinGecko's X account, falsely advertising a token airdrop for a cryptocurrency named GCKO. The deceptive post claimed that GCKO could be used for API services, including the cryptocurrency ANKR. Swift action by CoinGecko involved the removal of the fraudulent post and a public warning urging users to avoid interacting with any suspicious links or content.
In an X post, CoinGecko wrote:”Our Twitter accounts @CoinGecko and @GeckoTerminal have been compromised. We're taking immediate steps to investigate the situation and secure our accounts. Please DO NOT click on any links or engage with suspicious content. Your security is our top priority.”

Employee error

The firm followed up with an update on Thursday, attributing the breach to a team member inadvertently clicking on a fraudulent Calendly link, granting unauthorized access to the hacker.
Despite having two-factor authentication (2FA) enabled and employing robust security measures, CoinGecko emphasized that the inadvertent click allowed unauthorized access. The compromised accounts were then exploited to disseminate misleading information and potentially engage in malicious activities.
CoinGecko expressed sincere apologies for any confusion or inconvenience caused by the incident. The company reiterated its commitment to platform security and continuous improvement of internal controls, assuring users that corrective measures were promptly implemented.

SEC incompetence

CoinGecko's security incident occurred within 24 hours of a similar occurrence involving the U.S. Securities and Exchange Commission (SEC). The SEC's X account was compromised, with scammers posting a false message from Chair Gary Gensler about the approval of spot bitcoin exchange-traded funds (ETFs).
While CoinGecko identified a vulnerability in its security regimen, the SEC later confirmed that the breach in its case was far more basic. It was not due to infrastructure attacks but rather the lack of 2-factor authentication (2FA) tied to the SEC's account, the most basic form of operations security.
Gensler and the SEC have come in for major criticism from the crypto community in the U.S. due to a policy of regulation by enforcement that has been pursued. With that, the Commission came in for swift and harsh criticism in the immediate aftermath of its X account hack.
Many pointed out the irony of Gensler advising consumers to secure their accounts back in October when the SEC itself had failed to do so. Others queried who would be responsible for what some interpreted as an episode of market manipulation, something that the SEC has perennially associated the crypto markets with. During the time that the account was compromised, millions of dollars of value were liquidated in short and long trading positions.
CoinGecko's quick response serves as a valuable lesson in the importance of vigilance and proactive security measures amid the growing threats facing the cryptocurrency community.
To comment, please sign in.
Article has no comments yet.