Anatomy of an attack: How Coinbase was targeted with emails booby-trapped with Firefox zero-days
Source: The Register
By: Thomas Claburn
Published: August 9, 2019
* Coinbase chief information security officer Philip Martin this week published an incident report covering the recent attack on the cryptocurrency exchange, revealing a phishing campaign of surprising sophistication.
* “Stage one of this attack first identified the operating system and browser, and displayed a convincing error to macOS users who were not currently using Firefox, instructing them to install the latest version from Mozilla,” Martin wrote. “After visiting the page in Firefox, the exploit code was delivered from a separate domain, analyticsfit[.]com, which was registered on May 28.”