Users of Coinbase are once again making headlines after suffering losses exceeding $46 million from social engineering scams this month, as revealed by blockchain investigator ZachXBT.
On March 28, the investigator announced via his Telegram channel that an unnamed Coinbase user fell victim to a sophisticated theft, losing around 400 BTC, equivalent to approximately $34.9 million.
According to ZachXBT, this incident is part of a wider trend impacting users of US-based exchanges.
He pointed out three separate cases of these attacks occurring this month. The first incident involved the scammers obtaining 20.028 BTC on March 16, followed by 46.147 BTC on March 25, and another 60.164 BTC on March 26.
After siphoning off the funds, the fraudsters reportedly converted them from Bitcoin to Ethereum via Thorchain or Chainflip and then exchanged the assets for the stablecoin DAI.
Inadequate response from Coinbase
Despite the magnitude of these incidents, it was noted that Coinbase has not flagged the relevant wallet addresses using its compliance tools.
The investigator emphasized that the exchange has repeatedly failed to identify known theft addresses, indicating a lack of sufficient protective measures for users.
In a post on X, he remarked:
“I have yet to see an incident where Coinbase flagged theft addresses (they are part of the problem shows they are not taking care of users).”
Earlier this year, it was disclosed that Coinbase customers incurred about $65 million in scam-related losses between December 2024 and January 2025. This figure is part of a worrying trend, with more than $300 million believed to have been lost annually by Coinbase users due to social engineering scams.
The social engineering schemes frequently initiate with spoofed phone calls utilizing stolen personal information. Once trust is established, victims receive phishing emails that mimic communications from Coinbase.
These messages alert users to potential suspicious login activities and urge them to transfer funds to a Coinbase Wallet. Victims are then instructed to whitelist a fraudulent wallet address, inadvertently giving the scammers control over their funds.
As of the time of writing, there has been no public comment from Coinbase regarding these incidents.
Mentioned in this article
