More than 6,000 Coinbase users had funds stolen from their accounts after hackers used a vulnerability in Coinbase’s SMS-based two-factor authentication system to breach accounts.

The intrusions took place earlier this year, between March and May, the exchange said in a data breach notification letter it has filed with US state attorney general offices.

“The third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account,” Coinbase said.

But even if victims pay the ransom – which isn’t recommended because it encourages more ransomware attacks – restoring the network can still be a slow process and it can be weeks or months before services are fully restored.

SEE: A cloud company asked security researchers to look over its systems. Here’s what they found.

Be it REvil or any other ransomware gang, the best way to avoid the disruption of a ransomware attack is to prevent attacks in the first place.

The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software.

Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect.

That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction to a fine art – all the better to find, crush and kill backed-up data. After all, backups are a major obstacle to encouraging ransomware payment.

Google’s cybersecurity researchers have discovered a new technique that hackers use to trick Windows systems into bypassing malware payload detection.

CISA did a deep dive on the Conti ransomware, providing information for those protecting organizations.

Several RAT malware are being used to target South American organizations.

A new malware strain uses the Windows Subsystem for Linux to launch stealthy attacks.