-
A Coinbase user lost $11.5 million to a social engineering scam on Base, the exchange’s layer-2 network.
-
ZachXBT revealed that at least $150 million has been stolen from Coinbase users through similar scams.
-
These incidents mount concerns over the US-based crypto exchange security measures.
A Coinbase layer-2 scam has raised alarms as $11.5 million was lost, highlighting significant security challenges for the platform.
ZachXBT Exposes $150 Million Stolen in Growing Coinbase Fraud Crisis
According to ZachXBT, the stolen cbBTC—Coinbase’s wrapped Bitcoin product—was swiftly laundered across multiple instant exchanges. The attacker swapped, bridged, and moved the funds through various platforms before consolidating them with other stolen assets on Ethereum. These actions make recovery nearly impossible.
The investigator pointed out that this incident is part of a growing trend, with multiple Coinbase users suffering similar losses. He estimates that scams of this nature have drained at least $150 million from Coinbase customers.
“Coinbase has a serious fraud problem. I just uncovered many more recent thefts from Coinbase users. The $150 million stolen from Coinbase users in a year is just from thefts I independently confirmed. So it’s more than likely multiples of this number,” ZachXBT stated.
Coinbase has not yet commented on the latest exploit. However, scams involving fraudsters impersonating Coinbase support have become increasingly common.
These attackers use phishing emails, spoofed calls, and other deceptive tactics to trick victims into revealing private keys or login credentials. Once they gain access, they drain wallets, move funds, and take control of accounts.
Last December, a Coinbase Commerce vendor lost $15.9 million with no intervention from the exchange’s anti-money laundering (AML) system. Before that, an imposter stole $6.5 million in October 2024 using a phishing scheme while pretending to be part of Coinbase’s support team.
“I receive inbounds every week from Coinbase users falling for targeted social engineering scams which result in millions of dollars of losses each month. Coinbase does not help the victims and no other major exchange has this same issue. The leadership is completely out of touch with actual threats and cites obscure internal policies to abscond itself of any responsibility even when it’s the right thing to do,” ZachXBT wrote on X (formerly Twitter).
These incidents highlight growing security concerns for Coinbase users. As the largest crypto exchange in the US, the company faces increasing pressure to improve fraud detection and safeguard its customers from sophisticated cyber threats.
If these scams continue unchecked, they could further erode trust in centralized exchanges and highlight the urgent need for improved security protocols.
Conclusion
The recent loss of $11.5 million on Coinbase underscores a significant vulnerability within the exchange’s operations. With estimated losses exceeding $150 million due to similar scams, the necessity for heightened security measures and prompt consumer protection becomes critical. The industry must respond swiftly to restore trust and prevent future occurrences.
