Coinbase: Rising Losses from Social Engineering Scams
Coinbase faces a $45M loss wave due to sophisticated social scams. ZachXBT raises the alarm.
Coinbase is facing a growing crisis as social engineering fraud drains tens of millions of dollars from its customers.
Security analyst ZachXBT has revealed worrying statistics showing how $45 million was stolen from Coinbase users through deceptive strategies in the last week alone.
10/ So where does the blame lie?
a) For the vast majority of the time these theft addresses are not being reported at all by Coinbase in popular compliance tools even after the thefts went on for weeks.
ZachXBT's analysis shows that the 45 million represents the latest financial loss for Coinbase users due to advanced social engineering attacks. The on-chain investigator believes Coinbase is facing a more serious version of this problem than other cryptocurrency exchanges.
"In recent months I have reported nine-figure thefts from Coinbase users through similar social engineering scams. Curiously, no other major exchange has the same problem," ZachXBT stated in a post on Telegram.
Coinbase did not respond to Cointelegraph's questions at the time of publication, while ZachXBT's findings point to serious security weaknesses on the platform.
From analysis of recent fraudulent activity and historical data, ZachXBT estimates that Coinbase customers lose approximately $330 million each year to social engineering scams. The high number shows how much these cyber criminals adapt their techniques to steal cryptocurrencies from their owners.
Crypto users have long faced social engineering scams. A July 2024 report revealed that impostors posing as Coinbase support stole $1.7 million from a single user, demonstrating the effectiveness of these deceptive practices.
The FBI issues an alert against crypto scams
The United States Federal Bureau of Investigation (FBI) has expressed concern about the rise of these deceptive practices. The FBI alerted the public in August 2024 about scammers posing as representatives of crypto exchanges to steal funds and sensitive information from users.
The alert expanded in September 2024 to include fraudulent job offers that trick crypto users into downloading malicious software. Hacker groups affiliated with the North Korean state have conducted these advanced attacks by hiding malicious software within job applications, employment tests and investment schemes.
Crypto users have experienced an increase in scam emails impersonating cryptocurrency exchanges in March 2025, directing them to transfer their funds to fraudulent external wallets.
The increasing diversity and complexity of these social engineering scams are leading to calls for stronger defensive actions. Phillip Martin, chief security officer of Coinbase, has already called for a unified framework to simplify the reporting of scams, so that the industry can identify and combat these malicious activities more effectively.
ZachXBT's new information is likely to intensify calls for more robust security measures and increased user awareness to reduce the considerable losses suffered by Coinbase's customers.
Eleven Drainer, a new phishing-as-a-service, is expanding its business. Despite the sophistication of the attacks, human error remains the main weakness. The defence lies in user discipline.
North Korean hackers intensify crypto fraud: GhostCall and GhostHire campaigns use AI and the impersonation of Web3 executives to distribute malware, an evolution of the Lazarus Group.
According to Cisco Talos and Google, the North Korean groups Famous Chollima and UNC5342 are employing new strains of decentralised malware (such as EtherHiding and the BeaverTail/OtterCookie pair)
Coinbase is facing a growing crisis as social engineering fraud drains tens of millions of dollars from its customers.
Security analyst ZachXBT has revealed worrying statistics showing how $45 million was stolen from Coinbase users through deceptive strategies in the last week alone.
ZachXBT's analysis shows that the 45 million represents the latest financial loss for Coinbase users due to advanced social engineering attacks. The on-chain investigator believes Coinbase is facing a more serious version of this problem than other cryptocurrency exchanges.
Coinbase did not respond to Cointelegraph's questions at the time of publication, while ZachXBT's findings point to serious security weaknesses on the platform.
From analysis of recent fraudulent activity and historical data, ZachXBT estimates that Coinbase customers lose approximately $330 million each year to social engineering scams. The high number shows how much these cyber criminals adapt their techniques to steal cryptocurrencies from their owners.
Crypto users have long faced social engineering scams. A July 2024 report revealed that impostors posing as Coinbase support stole $1.7 million from a single user, demonstrating the effectiveness of these deceptive practices.
The FBI issues an alert against crypto scams
The United States Federal Bureau of Investigation (FBI) has expressed concern about the rise of these deceptive practices. The FBI alerted the public in August 2024 about scammers posing as representatives of crypto exchanges to steal funds and sensitive information from users.
The alert expanded in September 2024 to include fraudulent job offers that trick crypto users into downloading malicious software. Hacker groups affiliated with the North Korean state have conducted these advanced attacks by hiding malicious software within job applications, employment tests and investment schemes.
Crypto users have experienced an increase in scam emails impersonating cryptocurrency exchanges in March 2025, directing them to transfer their funds to fraudulent external wallets.
The increasing diversity and complexity of these social engineering scams are leading to calls for stronger defensive actions. Phillip Martin, chief security officer of Coinbase, has already called for a unified framework to simplify the reporting of scams, so that the industry can identify and combat these malicious activities more effectively.
ZachXBT's new information is likely to intensify calls for more robust security measures and increased user awareness to reduce the considerable losses suffered by Coinbase's customers.
Read Next
Crypto Clash: Beijing Blames US for LuBian's 127,000 BTC Bitcoin Exploit
China accuses Washington of 'draining' 127,000 BTC from LuBian in 2020. Researchers link the exploit to a flaw in key generation.
New Eleven Drainer attack: threat to crypto wallets
Eleven Drainer, a new phishing-as-a-service, is expanding its business. Despite the sophistication of the attacks, human error remains the main weakness. The defence lies in user discipline.
Evolved North Korean Hackers: New Danger Level for the Crypto Sector
North Korean hackers intensify crypto fraud: GhostCall and GhostHire campaigns use AI and the impersonation of Web3 executives to distribute malware, an evolution of the Lazarus Group.
North Korea: The Ultimate Cyber-Attack? Evasive Malware and Blockchain in the Crosshairs.
According to Cisco Talos and Google, the North Korean groups Famous Chollima and UNC5342 are employing new strains of decentralised malware (such as EtherHiding and the BeaverTail/OtterCookie pair)