Crypto exchanges are beefing up their security, after Coinbase customers were targetted in a phishing hack last week. According to a Bloomberg report, hackers also attempted similar attacks on Binance and Kraken, however both these exchanges successfully prevented the attacks before any damage was executed. Hackers used a similar social engineering method in all three cases, wherein they bribed overseas customer support agents to steal customer information.
Coindesk reported earlier that a $20 million ransom was demanded too, after the alleged support executive shared customer data like names, addresses, phones, email addresses, the last four digits of Social Security numbers, “masked bank account numbers,” government ID images and transaction histories. Victims were lured by the scammers, assuming that they were employees from the exchanges. Luckily, Coinbase has said that it will reimburse the victims, but this could cost them anywhere between $180 million to $400 million. Coinbase has also announced a $20 million reward for any information that leads to the arrest of the culprits.
How did Binance, Kraken prevent the attack
The AI framework of Binance played a prominent role in detecting suspicious activity. Artificial-Intelligence bots managed to spot offers of potential bribes in different languages, and then stopped the conversations before things could escalate, protecting both customers and employees from the data breach.
Kraken also avoided any customer data loss, though it is not yet known what specific security measures it leveraged. Both the exchange platforms Binance and Kraken confirmed that no passwords, private keys, or crypto funds were revealed during the incident.
Binance in its blogpost said— This incident underlines the ongoing threat that social engineering poses to even the most secure platforms — but it also highlights the effectiveness of proper security frameworks when executed correctly.
Prompt actions by these exchanges is a signal to both retail and institutional investors that robust systems are in place to combat increasingly complex cyber threats. The outcome also serves as a wake-up call for other platforms to invest in advanced training and rapid threat response infrastructure.