Coinbase Users Lost Over $65 Million in Two Months Due to Fraud
Date: 2025-02-05 Author: Henry Casey Categories: BUSINESS
One of the exchange’s customers reported the theft of almost $850,000. After a thorough analysis of the movement of funds, addresses were identified where the attackers consolidated the stolen funds from over 25 different thefts from the Coinbase platform. These funds were transferred to fake addresses using information obtained from the stolen databases.
“The scammers used personal data to convince the victim that there were unauthorized login attempts on their account. They then sent a fake message from Coinbase, offering to add the address to the whitelist and transfer the funds,” ZachXBT explained. The email contained a link to a fake website that was virtually identical to the official Coinbase platform.
According to the expert, the actual losses may be significantly higher than the reported $65 million over two months and $300 million over a year. This data does not take into account all the requests from users to the support service and the police.
ZachXBT also criticized Coinbase management for failing to effectively combat such attacks. He noted that in most cases, the exchange does not disclose the addresses of the scammers, even if the crimes continue for several weeks. Moreover, the company last month recommended that customers do not use a VPN to avoid suspicion, while the attackers specifically block access to VPNs on phishing sites.
“This demonstrates Coinbase’s inability to adequately respond to real threats,” he noted.
In response to these incidents, ZachXBT proposed a number of measures to improve security. Among them, he recommended making it optional to enter phone numbers for users who have passed the KYC procedure, limiting the ability to withdraw funds, and strengthening customer communication.
Earlier, in December 2024, he also reported that one of Coinbase's customers lost $11.5 million as a result of a social engineering scam.
