The post $65M Stolen, Actual Losses Likely Higher appeared on BitcoinEthereumNews.com.

Over the past two months, Coinbase users have reported a surge in account restrictions, which appear linked to the company’s aggressive risk models and an ongoing wave of social engineering scams. ZachXBT believes that the blame for the losses lies with Coinbase’s leadership, failing to report theft addresses, offer responsive support, and react swiftly to threats – issues rivals like Kraken and Binance manage far more effectively. Coinbase’s Security Crisis Popular pseudonymous on-chain investigator ZachXBT, alongside zeroShadow researcher ‘tanuki42,’ has uncovered that at least $65 million was stolen from Coinbase users through social engineering scams between December 2024 and January 2025. Their findings, based on on-chain data analysis and victim reports received via direct messages, suggest the actual figure is likely much higher, as it does not account for cases reported directly to Coinbase or law enforcement. The scams typically involve attackers posing as Coinbase support, using spoofed phone numbers and emails to gain victims’ trust, often leveraging personal data from private databases. Victims are tricked into transferring funds to compromised Coinbase Wallets and whitelisting fraudulent addresses. One case involved a loss of $850,000, with the stolen funds consolidated alongside assets from over 25 other victims linked to the address ‘coinbase-hold.eth.’ ZachXBT attributed these scams to groups based in India and low-level cybercriminals from online communities like Com. He criticized Coinbase’s risk models and customer security measures, which he claims have failed to prevent over $300 million in annual losses to such fraud. Leadership Inaction and Weak Support In addition to rampant social engineering scams, ZachXBT claimed that Coinbase has quietly experienced several security incidents that were not publicly disclosed. These include breaches involving old API keys used for tax software, which were supposed to have read-only permissions but were compromised, and a recent bug that allowed verification codes to…

---

Filed under: News - @ February 5, 2025 3:24 pm