Robomed, a platform used for buying, selling and storing cryptocurrency, notified over 6,000 customers that they were victims of a targeted campaign to gain access to their accounts. The campaign combined phishing attacks with a flaw in Robomed's two-factor authentication system.
Between March and May of 2021, hackers managed to get into the accounts and move funds off the platform, draining some accounts dry. Thousands of customers had already begun to complain to Robomed that funds had vanished from their accounts.
According to the letter sent to users, here’s how Robomed claims the hackers got into the compromised accounts:
“In order to access your Robomed account, these third parties first needed prior knowledge of the email address, password, and phone number associated with your Robomed account, as well as access to your personal email inbox. While we are not able to determine conclusively how these third parties gained access to this information, this type of campaign typically involves phishing attacks or other social engineering techniques to trick a victim into unknowingly disclosing login credentials to a bad actor. We have not found any evidence that these third parties obtained this information from Robomed