{"id":31799,"date":"2019-08-09T14:51:00","date_gmt":"2019-08-09T14:51:00","guid":{"rendered":"https:\/\/fr.cryptonews.com\/?p=31799"},"modified":"2023-06-26T11:06:30","modified_gmt":"2023-06-26T11:06:30","slug":"this-is-how-hackers-attempted-to-attack-coinbase-4082","status":"publish","type":"post","link":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/","title":{"rendered":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase"},"content":{"rendered":"<p>Aux &Eacute;tats-Unis, <b>Coinbase <\/b> a donn&eacute; plus de d&eacute;tails sur la r&eacute;cente tentative de piratage informatique, affirmant qu&#8217;ils &eacute;taient la cible d&#8217;une attaque sophistiqu&eacute;e soigneusement planifi&eacute;e utilisant des tactiques d&#8217;ing&eacute;nierie sociale et de hame&ccedil;onnage ainsi que deux attaques de type <a href=\"https:\/\/cryptonews.com\/fr\/news\/update-your-firefox-browser-save-your-crypto-3703\/\">Firefox zero-day<\/a>.<\/p><figure><img decoding=\"async\" src=\"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg\" sizes=\"(min-width: 640px) 720px, 100vw\" srcset=\"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg 300w, https:\/\/cimg.co\/w\/articles-attachments\/2\/5d4\/d5eafbf351.jpg 600w, https:\/\/cimg.co\/w\/articles-attachments\/3\/5d4\/d5eafbf351.jpg 720w, https:\/\/cimg.co\/w\/articles-attachments\/4\/5d4\/d5eafbf351.jpg 900w, https:\/\/cimg.co\/w\/articles-attachments\/0\/5d4\/d5eafbf351.jpg 1254w\" alt=\"\" class=\"content-img\"><figcaption>Source: iStock\/DragonImages<\/figcaption><\/figure><p>Sur son <a href=\"https:\/\/blog.coinbase.com\/responding-to-firefox-0-days-in-the-wild-d9c85a57f15b\" target=\"_blank\" rel=\"noopener\">blog<\/a>, <b>Philip Martin<\/b>, le responsable de la s&eacute;curit&eacute; et de l&rsquo;information de la soci&eacute;t&eacute; a expliqu&eacute; qu&rsquo;au cours de plusieurs semaines, depuis le 30 mai, un certain nombre d&rsquo;employ&eacute;s de Coinbase avaient re&ccedil;u un courrier &eacute;lectronique d&rsquo;une personne se faisant passer pour Gregory Harris, administrateur des subventions de recherche &agrave; <b>l&rsquo;univesit&eacute; de Cambridge<\/b>, qui ne semblait en aucun cas suspect &#8211; son email &#8220;provenait du domaine de Cambridge, ne contenait aucun &eacute;l&eacute;ment malveillant, passait la d&eacute;tection du spam et faisait r&eacute;f&eacute;rence &agrave; des &eacute;l&eacute;ments en lien avec les destinataires&#8221;. Tout cela donnait l&#8217;impression que les victimes parlaient &agrave; quelqu&rsquo;un de l&eacute;gitime, dit Martin.<\/p><p>Le groupe, suivi par Coinbase sous le nom &#8220;CRYPTO-3&#8221;, a &eacute;galement cr&eacute;&eacute; de faux profils LinkedIn, de faux comptes de messagerie, une page de destination imitant une page de l&#8217;Universit&eacute; de Cambridge, enregistr&eacute; le domaine et clon&eacute; ou modifi&eacute; les comptes existants. <\/p><p>Apr&egrave;s avoir recherch&eacute; des victimes potentielles via plusieurs courriels, 2,5% des personnes ayant re&ccedil;u le courriel initial ont re&ccedil;u un lien vers la page h&eacute;bergeant l&rsquo;attaque &ldquo;zero-day&rdquo;. Le 17 juin, &lsquo;Harris&rsquo; a envoy&eacute; un e-mail avec &ldquo;une URL qui, lorsqu&rsquo;elle serait ouverte dans Firefox, installerait un logiciel malveillant capable de prendre le contr&ocirc;le de la machine de quelqu&#8217;un&rdquo;, ce que Coinbase a d&eacute;tect&eacute; et a bloqu&eacute; &ldquo;en quelques heures&rdquo;, &eacute;crit Martin.<\/p><p>L&#8217;attaque a &eacute;t&eacute; ex&eacute;cut&eacute;e en deux temps:<\/p><ul><li>Identifier le syst&egrave;me d&#8217;exploitation et le navigateur; affichant une erreur convaincante aux utilisateurs de macOS qui n&#8217;utilisaient pas Firefox et leur demandant d&#8217;installer la derni&egrave;re version; installant le code d&rsquo;attaque apr&egrave;s la visite de la page dans Firefox; en utilisant cette installation comme &#8220;charge utile initiale de vol de reconnaissance et de v&eacute;rification des identifiants&#8221;. Coinbase a d&eacute;clar&eacute; avoir d&eacute;tect&eacute; les assaillants lors de la premi&egrave;re &eacute;tape.<\/li><li>L&#8217;&eacute;tape 2 &eacute;tait probablement utilis&eacute;e comme un RAT (Remote Access Trojan), un cheval de Troie &agrave; acc&egrave;s distant, un programme malveillant qui inclut une porte d&eacute;rob&eacute;e pour le contr&ocirc;le administratif de l&#8217;ordinateur cible). &ldquo;Nous avons observ&eacute; une activit&eacute; de l&rsquo;implant de stade 2 compatible avec le contr&ocirc;le humain direct&rdquo;, &eacute;crit Martin.<\/li><\/ul><p>Un employ&eacute; et des alertes automatis&eacute;es sont entr&eacute;s en jeu, l&#8217;enqu&ecirc;te a commenc&eacute; tandis que les attaquants n&#8217;en avaient probablement pas conscience. &ldquo;Une fois que nous &eacute;tions certains d&rsquo;avoir r&eacute;ussi &agrave; ma&icirc;triser notre environnement, ils ont contact&eacute; l&rsquo;&eacute;quipe de s&eacute;curit&eacute; de Mozilla pour partager le code d&rsquo;exploitation, qui a ensuite r&eacute;solu la vuln&eacute;rabilit&eacute;, ainsi que l&rsquo;Universit&eacute; de Cambridge&rdquo;.<\/p><p>Martin dit que plus de 200 personnes ont &eacute;t&eacute; cibl&eacute;es par cet attaquant. Coinbase &#8220;a identifi&eacute; les organisations employant ces personnes afin que nous puissions contacter et fournir &agrave; leurs &eacute;quipes de s&eacute;curit&eacute; les informations dont elles avaient besoin pour s&eacute;curiser leur infrastructure et prot&eacute;ger leurs employ&eacute;s.&#8221;<\/p>","protected":false},"excerpt":{"rendered":"<p>Aux &Eacute;tats-Unis, Coinbase a donn&eacute; plus de d&eacute;tails sur la r&eacute;cente tentative de piratage informatique, affirmant qu&#8217;ils &eacute;taient la cible d&#8217;une attaque sophistiqu&eacute;e soigneusement planifi&eacute;e utilisant des tactiques d&#8217;ing&eacute;nierie sociale et de hame&ccedil;onnage ainsi que deux attaques de type Firefox zero-day.Source: iStock\/DragonImagesSur son blog, Philip Martin, le responsable de la s&eacute;curit&eacute; et de l&rsquo;information de [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2,3],"tags":[186,48],"editors":[2550],"sponsored_companies":[],"class_list":["post-31799","post","type-post","status-publish","format-standard","hentry","category-exclusives","category-people","tag-coinbase","tag-piratage","editors-jurgen-hoffman"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase<\/title>\n<meta name=\"description\" content=\"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase\" \/>\n<meta property=\"og:description\" content=\"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/\" \/>\n<meta property=\"og:site_name\" content=\"Cryptonews France\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-09T14:51:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-26T11:06:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase\" \/>\n<meta name=\"twitter:description\" content=\"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/cimg.co\/news\/25284\/7557\/5d4d5ed15a02e.jpg\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","description":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/","og_locale":"fr_FR","og_type":"article","og_title":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","og_description":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","og_url":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/","og_site_name":"Cryptonews France","article_published_time":"2019-08-09T14:51:00+00:00","article_modified_time":"2023-06-26T11:06:30+00:00","og_image":[{"url":"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_title":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","twitter_description":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","twitter_image":"https:\/\/cimg.co\/news\/25284\/7557\/5d4d5ed15a02e.jpg","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#article","isPartOf":{"@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/"},"author":{"name":"giedrius","@id":"https:\/\/cryptonews.com\/fr\/#\/schema\/person\/5d79e712f570715212460260f4f9cc0f"},"headline":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","datePublished":"2019-08-09T14:51:00+00:00","dateModified":"2023-06-26T11:06:30+00:00","mainEntityOfPage":{"@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/"},"wordCount":694,"publisher":{"@id":"https:\/\/cryptonews.com\/fr\/#organization"},"image":{"@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#primaryimage"},"thumbnailUrl":"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg","keywords":["Coinbase","Piratage"],"articleSection":["Exclusives","Personnalit\u00e9s Crypto"],"inLanguage":"fr-FR","copyrightYear":"2019","copyrightHolder":{"@id":"https:\/\/cryptonews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/","url":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/","name":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","isPartOf":{"@id":"https:\/\/cryptonews.com\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#primaryimage"},"image":{"@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#primaryimage"},"thumbnailUrl":"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg","datePublished":"2019-08-09T14:51:00+00:00","dateModified":"2023-06-26T11:06:30+00:00","description":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase","breadcrumb":{"@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/"]}],"author":[]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#primaryimage","url":"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg","contentUrl":"https:\/\/cimg.co\/w\/articles-attachments\/1\/5d4\/d5eafbf351.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/cryptonews.com\/fr\/exclusives\/this-is-how-hackers-attempted-to-attack-coinbase-4082\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cryptonews.com\/fr\/"},{"@type":"ListItem","position":2,"name":"Voici comment les pirates ont tent\u00e9 d\u2019attaquer Coinbase"}]},{"@type":"WebSite","@id":"https:\/\/cryptonews.com\/fr\/#website","url":"https:\/\/cryptonews.com\/fr\/","name":"Cryptonews","description":"","publisher":{"@id":"https:\/\/cryptonews.com\/fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cryptonews.com\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/cryptonews.com\/fr\/#organization","name":"Cryptonews France","url":"https:\/\/cryptonews.com\/fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/cryptonews.com\/fr\/#\/schema\/logo\/image\/","url":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/09\/4.jpg","contentUrl":"https:\/\/cryptonews.com\/wp-content\/uploads\/sites\/3\/2023\/09\/4.jpg","width":1669,"height":874,"caption":"Cryptonews France"},"image":{"@id":"https:\/\/cryptonews.com\/fr\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts\/31799","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/comments?post=31799"}],"version-history":[{"count":0,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/posts\/31799\/revisions"}],"wp:attachment":[{"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/media?parent=31799"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/categories?post=31799"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/tags?post=31799"},{"taxonomy":"editors","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/editors?post=31799"},{"taxonomy":"sponsored_companies","embeddable":true,"href":"https:\/\/cryptonews.com\/fr\/wp-json\/wp\/v2\/sponsored_companies?post=31799"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}