New Google cloud sync feature implicated in $15M crypto heist at Ripple-owned Fortress Trust


18 Sep 2023 12:57 PM

Ripple's newly acquired firm Fortress Trust had lost more than $10 million to a third-party breach before its acquisition....

  • Software development company Retool has attributed the hack of crypto custodian Fortress Trust to a recently introduced Google Account cloud synchronization feature.
  • The breach resulted in the compromise of all 27 cloud customer accounts, leading to a loss of $15 million for Fortress Trust.
  • The hack began with an SMS social engineering attack targeting Retool's employees, where malicious links were sent pretending to be from the IT team.
  • One employee unknowingly entered their credentials on a fake landing page, allowing the hackers to obtain a multifactor authentication code through a deepfake voice call.
  • The hackers gained access to the internal admin system by activating Google Authenticator cloud sync, enabling them to take control of customers' accounts.

The article highlights a significant security breach that resulted in financial loss for a crypto custodian. It also emphasizes the increasing sophistication of social engineering attacks and the need for stronger security measures.

Go to publisher site

You May Ask

What caused the hack of crypto custodian Fortress Trust?How did the hackers gain access to the employee's multifactor authentication code?What actions did Retool take following the incident?What does the incident reveal about the tactics used by hackers targeting crypto firms?How did Ripple respond to the breach and its impact on Fortress Trust?

Suggested Reads