Hacker stole $15.97 million from Coinbase Commerce
Date: 2024-12-12 Author: Henry Casey Categories: BUSINESS
As the famous online sleuth ZachXBT found out, the theft was carefully planned and carried out using a complex scheme.
Over 16 hours, more than 1,700 transactions were carried out, each of which did not exceed $10,000. This likely made it possible to bypass the exchange's anti-money laundering (AML) systems. The stolen funds were initially transferred to the Polygon blockchain, then sent to the Ethereum network. There, the cryptocurrency was converted to ETH and distributed to three different addresses.
While most of the stolen funds remain idle, some of the amount has already been transferred to the eXch decentralized exchange and used through the Stake protocol.
ZachXBT found that just a month after the attack, the attacker began flaunting his wealth on social media. In a private conversation via Telegram, he confirmed ownership of an address containing $6 million of the stolen funds. The hacker also claimed to have attempted to purchase a Telegram account with the handle Excite for $2,000 to match his Instagram profile.
The attacker also posted photos of expensive accessories and exotic animals, such as pet monkeys. According to open sources, ZachXBT assumed that the hacker was located in Denmark. Commenters noticed a post that may have featured the suspect's face.
There is reason to believe that accomplices were involved in the scheme. ZachXBT claims to have collected enough evidence to bring the perpetrators to justice. However, the identity of the affected seller is still unknown, and Coinbase has not disclosed details of the incident.
The incident has prompted criticism of the platform's security system. "Why didn't Coinbase's AML monitoring notice such obvious activity in 16 hours?" ZachXBT asked.
Users noted that the platform's security standards for corporate accounts may be less stringent. "Coinbase easily blocks personal transactions over $10,000, but seems to allow large corporate clients to freely make transactions so as not to lose them," one commenter noted.
Another user suggested that the platform should have improved its algorithms to detect suspicious transactions of smaller sizes. "It is obvious that $9,000 transactions can easily be used to bypass the system. This is a weak point of Coinbase," he emphasized.
According to ZachXBT, the investigation is ongoing. At the same time, Coinbase has not commented on the situation, focusing on rumors of a mass blocking of accounts that appeared on December 9.
