Over the past two months, Coinbase users have reported a surge in account restrictions, which appear linked to the companys aggressive risk models and an ongoing wave of social engineering scams.
ZachXBT believes that the blame for the losses lies with Coinbases leadership, failing to report theft addresses, offer responsive support, and react swiftly to threats issues rivals like Kraken and Binance manage far more effectively.
Popular pseudonymous on-chain investigator ZachXBT, alongside zeroShadow researcher tanuki42, has uncovered that at least $65 million was stolen from Coinbase users through social engineering scams between December 2024 and January 2025.
Their findings, based on on-chain data analysis and victim reports received via direct messages, suggest the actual figure is likely much higher, as it does not account for cases reported directly to Coinbase or law enforcement.
The scams typically involve attackers posing as Coinbase support, using spoofed phone numbers and emails to gain victims trust, often leveraging personal data from private databases. Victims are tricked into transferring funds to compromised Coinbase Wallets and whitelisting fraudulent addresses.
One case involved a loss of $850,000, with the stolen funds consolidated alongside assets from over 25 other victims linked to the address coinbase-hold.eth. ZachXBT attributed these scams to groups based in India and low-level cybercriminals from online communities like Com. He criticized Coinbases risk models and customer security measures, which he claims have failed to prevent over $300 million in annual losses to such fraud.
In addition to rampant social engineering scams, ZachXBT claimed that Coinbase has quietly experienced several security incidents that were not publicly disclosed. These include breaches involving old API keys used for tax software, which were supposed to have read-only permissions but were compromised, and a recent bug that allowed verification codes to be sent to any email address, regardless of whether it was linked to an account.
In 2023, $15.9 million was stolen from Coinbase Commerce, and a threat actor laundered $38 million from the BTCTurk hack through Coinbase in just a few hours. The blame, according to the detective, largely falls on Coinbases leadership for systemic failures in security and customer response.
Theft-related addresses often go unreported in compliance tools for weeks, leaving gaps in fraud detection. Victims frequently encounter ineffective customer support, with little follow-up, and the companys unavailability outside US hours is problematic for a global 24/7 market.
He further added that competitors such as Kraken, OKX, and Binance manage similar risks more effectively, Coinbase has failed to take decisive action against even low-level US-based threat actors with poor operational security. ZachXBT stated that the core issues stem from leadership decisions, not individual employees.
Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. Other major exchanges do not have similar panels created by scammers for fraud. While the victims are partially responsible it’s unreasonable to expect elderly victims to understand the nuances of email/phone spoofing.
zpostcode
Recruit
weather
mreligion
Yellowpages
sport
constellation
shopping
name
game
directory
literature
Word
tour
furnish
Lottery
tftnews
lyrics
News
digital
car
dir
Edu
Finance
