A Coinbase customer recently fell prey to a social engineering scam on Base, Ethereum’s layer-2 network, and lost 110 cbBTC worth $11.5 million. On January 31, blockchain investigator ZachXBT revealed the incident as part of a larger fraud pattern affecting Coinbase users.
Unraveling the $150 Million Coinbase Fraud Crisis
ZachXBT explained that the stolen cbBTC, Coinbase’s wrapped Bitcoin, was quickly laundered through several instant exchanges. The perpetrator swapped, bridged, and transferred the funds across various platforms, eventually consolidating them with other stolen assets on Ethereum. Such actions make recovery nearly impossible.
The investigator noted a disturbing trend, with numerous Coinbase users experiencing similar losses. He estimated that these scams have collectively siphoned at least $150 million from Coinbase customers.
“Coinbase is grappling with a serious fraud problem. I have uncovered many recent thefts targeting Coinbase users. The $150 million stolen from Coinbase users in a year is just based on independently confirmed cases. The actual figure is likely much higher,” ZachXBT stated.
Coinbase has not yet addressed the latest exploit publicly. However, scams involving fraudsters posing as Coinbase support representatives are on the rise. These attackers deploy phishing emails, spoofed calls, and other deceptive tactics to manipulate victims into disclosing private keys or login credentials. Once they gain access, they drain wallets, move funds, and seize control of accounts.
Rise of Scams and the Urgent Need for Security
Last December, a Coinbase Commerce vendor lost $15.9 million without intervention from the exchange’s anti-money laundering (AML) system. Prior to that, an impostor stole $6.5 million in October 2024 through a phishing scheme while impersonating Coinbase support.
“I receive inquiries every week from Coinbase users who fall victim to targeted social engineering scams, resulting in millions of dollars lost each month. Coinbase does not assist the victims, and no other major exchange faces this same issue. The leadership remains disconnected from actual threats, citing obscure internal policies to absolve themselves of responsibility even when it’s the right thing to do,” ZachXBT wrote on X (formerly Twitter).
These incidents underscore growing security concerns for Coinbase users. As the largest crypto exchange in the US, the company faces increasing pressure to enhance fraud detection and protect its customers from sophisticated cyber threats. If these scams continue unabated, they could further diminish trust in centralized exchanges and emphasize the urgent need for improved security measures.