New Google cloud sync feature implicated in $15M crypto heist at Ripple-owned Fortress Trust
Ripple's newly acquired firm Fortress Trust had lost more than $10 million to a third-party breach before its acquisition....
- Software development company Retool has attributed the hack of crypto custodian Fortress Trust to a recently introduced Google Account cloud synchronization feature.
- The breach resulted in the compromise of all 27 cloud customer accounts, leading to a loss of $15 million for Fortress Trust.
- The hack began with an SMS social engineering attack targeting Retool's employees, in which messages containing malicious links were sent, purporting to come from the IT team.
- One employee unknowingly entered their credentials on a fake landing page, allowing the hackers to obtain a multifactor authentication code through a deepfake voice call.
- The hackers gained access to the internal admin system by activating Google Authenticator cloud sync, enabling them to take control of customers' accounts.
The article highlights a significant security breach that resulted in financial loss for a crypto custodian. It also emphasizes the increasing sophistication of social engineering attacks and the need for stronger security measures.