Subscribe to Our Newsletter
Sign up to receive the latest tech news and updates from Block International straight to your inbox.
By signing up, you will receive emails about block products and you agree to our terms of use and privacy policy.
Sign up to receive the latest tech news and updates from Block International straight to your inbox.
By signing up, you will receive emails about block products and you agree to our terms of use and privacy policy.
Both Binance and Kraken reportedly detected and blocked the attacks in advance, with no indications of data breaches or financial losses. (Alexander Geiger/Shutterstock)The attempted breaches, which appear to have occurred in parallel with the now-infamous Coinbase hack, underscore the growing cybersecurity risks in the digital asset space as hackers increasingly exploit human vulnerabilities rather than technical flaws.
Coinbase, the largest crypto exchange in the United States, revealed on May 13 that it had suffered a serious security incident involving insider collusion and social engineering. The attackers reportedly bribed third-party contractors, customer support agents located overseas, to gain access to internal tools. Using this access, the hackers were able to obtain partial user information and send phishing messages that led to users mistakenly transferring funds.
The breach affected less than 1% of Coinbase’s customer base, but the financial and reputational damage is considerable. According to company filings and media reports, Coinbase estimates potential losses between $180 million and $400 million, mostly due to customer reimbursements and security overhauls. The company also confirmed that it refused to pay a $20 million ransom demand from the attackers and is cooperating with U.S. law enforcement in an ongoing investigation.
The incident has prompted Coinbase to announce new security initiatives, including the establishment of a domestic support hub in the U.S. to reduce reliance on foreign contractors and mitigate similar vulnerabilities in the future.
Following the Coinbase disclosure, unnamed sources told Bloomberg that Binance and Kraken were also targeted by threat actors using similar social engineering tactics. These attacks are believed to have involved attempts to impersonate internal employees or manipulate support staff into granting unauthorized access to internal systems.
However, unlike Coinbase, both Binance and Kraken appear to have proactively detected and thwarted the attempts, with no evidence of data leakage or loss of funds. While neither company has issued a detailed public statement, the incident highlights the importance of layered security protocols, internal red-team exercises, and extensive employee training in the crypto sector.
The common thread across these attacks is the use of social engineering, a method that relies on manipulating people rather than hacking code. In the Coinbase case, the attackers bribed offshore support agents to extract internal access credentials. This type of vulnerability is difficult to defend against using traditional cybersecurity tools because it exploits trust and human error rather than exploiting a technical flaw.
As cryptocurrency exchanges continue to scale globally and rely on complex networks of third-party service providers, especially for customer support, these social engineering tactics are becoming more prevalent.
The attempted attacks on Binance and Kraken come at a time when regulators, especially in the United States and the European Union, are scrutinizing crypto platforms for their operational security standards.
Coinbase, in response to the recent breach, announced plans to localize its customer support by establishing a new U.S.-based hub, aiming to reduce reliance on overseas contractors. The company is also enhancing its security infrastructure with new access controls, improved auditing, and behavioral analytics to better detect and prevent insider threats.
Industry analysts suggest that other exchanges may follow suit, with increased investment in "zero-trust" architectures, multi-factor authentication for internal tools, and advanced user behavior analytics to flag suspicious actions before damage is done.
While the quick detection by Binance and Kraken is commendable, cybersecurity experts caution that users also play a critical role in protecting their own funds. In many crypto-related scams, users are tricked into giving away credentials or transferring assets voluntarily under false pretenses.
The crypto sector, once known for being a haven for pseudonymous transactions, is now facing the same scrutiny and expectations around cybersecurity as traditional finance, perhaps even more so given the irreversibility of blockchain transactions.
As digital assets become more mainstream and institutional investors increase their exposure, exchanges must operate with enterprise-grade security infrastructure. The Coinbase breach, and the failed attempts on Binance and Kraken, are a wake-up call for the entire industry.
In an environment where multi-million dollar ransoms, insider threats, and global hacking syndicates are a reality, crypto exchanges must strike a balance between accessibility and airtight operational security. The future of digital finance may depend on it.
Bitcoin tops Amazon at $2.19 trillion valuation
Bitcoin hits historic $110,000 high amid market momentum
Crypto.com gains dual EU approvals
Kraken unveils regulated crypto derivatives in Europe
Stay ahead with the latest updates, insights, and trends shaping the world of cryptocurrency and blockchain technology.
