- Suspected thefts from Coinbase users this month total over $46 million.
- Funds are moved from Bitcoin to Ethereum via Thorchain/Chainflip and converted to DAI.
- Coinbase has not flagged theft addresses in compliance tools, raising questions about security measures.
In a recent Telegram post, cryptocurrency investigator ZachXBT revealed that a Coinbase user was scammed for $34.9 million (400.099 BTC) yesterday. This incident is part of a larger pattern of thefts from Coinbase users, with over $46 million stolen this month alone. The stolen funds are being converted from Bitcoin to Ethereum through Thorchain and Chainflip, then swapped for the stablecoin DAI. Concerns are growing as Coinbase has not flagged any of the theft addresses in compliance tools, highlighting potential security gaps at the exchange.
The Rising Tide of Coinbase Scams
The cryptocurrency world has been shaken by a series of high-profile scams targeting Coinbase users. According to ZachXBT’s investigation, the past two weeks have seen multiple suspected thefts, with the total stolen this month exceeding $46 million. Each theft follows a similar pattern:
funds are moved from Bitcoin to Ethereum using cross-chain protocols like Thorchain and Chainflip, then converted to DAI – a stablecoin pegged to the US dollar. This method allows scammers to quickly launder stolen funds across different blockchain networks.
Check Also: Thorchain Freezes $200M in User Assets Amid Insolvency Crisis, RUNE Plunges 29%
ZachXBT has been tracking these incidents closely, uncovering a disturbing trend of security failures at Coinbase.
“After uncovering this theft, I noticed multiple other suspected thefts from Coinbase users in the past two weeks,” ZachXBT stated in his Telegram post. “Funds from each theft were bridged from Bitcoin to Ethereum via Thorchain / Chainflip and swapped for DAI.”
How the Scams Operate
The scams targeting Coinbase users are sophisticated and well-orchestrated. Scammers often employ social engineering tactics, such as spoofing phone numbers and sending fake emails that appear to be from Coinbase. These tactics are designed to gain the victim’s trust and manipulate them into transferring funds to addresses controlled by the scammers.
One victim, who lost approximately $850,000, described how scammers called from a spoofed number and claimed there were unauthorized login attempts on their account. The scammers then sent a fake email with a Case ID, further convincing the victim of their legitimacy. They instructed the victim to transfer funds to a Coinbase Wallet and whitelist a specific address while “support” verified the account’s security.
“These scammers are using personal information obtained from private databases to gain trust,” ZachXBT explained. “They clone the Coinbase site nearly 1:1 and use spoofed emails to send different prompts to the target.”
Coinbase’s Response to the Crisis
Despite the growing number of scams, Coinbase has faced criticism for its lack of action. The exchange has not flagged any of the theft addresses in popular compliance tools, even after the thefts have been ongoing for weeks. This has left many victims with little recourse and raised questions about Coinbase’s commitment to user security.
“Coinbase has quietly been facing a $300 million per year social engineering scam problem affecting its users,” ZachXBT noted in his investigation. “The theft addresses from these victims have not been reported at all by Coinbase in compliance tools.”
Victims who have contacted ZachXBT report encountering unhelpful customer support agents and facing significant delays in getting assistance. “Coinbase team can be incredibly hard to reach outside of US hours, which is unacceptable when you operate in a 24/7 market as a large business,” he added.
The Broader Implications
The security failures at Coinbase have broader implications for the cryptocurrency industry. As one of the largest and most well-known exchanges, Coinbase sets a precedent for security practices. However, competitors like Kraken, OKX, and Binance do not appear to have the same issue with scam panels targeting their users.
ZachXBT urges Coinbase leadership to take immediate action, suggesting several measures such as making phone numbers optional for advanced users with additional security measures, creating account types that restrict withdrawals for beginners or elderly users, and improving community outreach with resources for recovering funds and blocking phishing domains.
“Other major exchanges do not have similar panels created by scammers for fraud,” ZachXBT emphasized. “While the victims are partially responsible, it’s unreasonable to expect elderly victims to understand the nuances of email/phone spoofing. Coinbase is in a position where they have the power to make these changes and set a good example but they have chosen to do little to nothing.”
The Path Forward
For Coinbase to regain user trust, significant changes are necessary. The exchange must address its security vulnerabilities and improve its response to scams. This includes better customer support, faster flagging of theft addresses, and proactive measures to combat phishing and spoofing attempts.
As the cryptocurrency landscape continues to evolve, exchanges like Coinbase must adapt to stay ahead of increasingly sophisticated scams.
The security of user funds should be the top priority, and failure to address these issues could have lasting consequences for both the exchange and its users.
🤖 Follow Bitnewsbot on ▶▶▶ X | Facebook | Google News
Previous Articles:
- Axis Bank Adopts JP Morgan’s Blockchain Solution for 24/7 Cross-Border Payments
- Forbes Mislabels Liberland’s Location in Justin Sun Profile Piece
- Bitcoin Plunges Below $85,000 as Hot Inflation Report Spooks Investors
- Crypto Market Bleeds: CoinDesk 20 Index Down 4.5% With No Gainers
- XRP Price Faces 40% Drop Risk as Bearish Triangle Pattern Forms
