Coinbase users are again in the spotlight after losing more than $ 46 million in social engineering scams this month alone, according to blockchain Sleuth Zachxbt.
On March 28, the researcher reported on chains on his telegram channel that a public Coinbase user lost around 400 BTC-Hongeveron $ 34.9 million after the victim of an extensive theft.
According to Zachxbt, this theft took place as part of a broader pattern of targeted incidents that influence American exchange users.
He emphasized three different authorities of this attack this month. In the first case, the scammers stole 20,028 BTC on March 16, followed by 46.147 BTC on March 25 and another 60.164 BTC on March 26.
After stealing the funds, the attackers were reportedly bridged from Bitcoin to Ethereum with Thorchain of Chainflip and then converted the assets in the Stablecoin Dai.
Coinbase’s lethargy
Despite the scale of these incidents, Zachxbt pointed out that Coinbase still has to mark the corresponding portfolio addresses with the help of its compliance tools.
Zachxbt emphasized that the exchange did not consistently deliver to mark known theft addresses, which indicates insufficient user protection measures.
He wrote on X:
“I still have to see an incident in which Coinbase marks theft addresses (they are part of the problem, shows that they do not take care of users).”
Earlier this year, Zachxbt revealed that Coinbase users lost around $ 65 million of scams between December 2024 and January 2025. These losses are part of a more important trend, with allegedly more than $ 300 million lost annually by Coinbase customers to social engineering scams.
The Social Engineering Foundation often starts with forged phone calls with the help of stolen personal data. Once the trust has been established, victims receive phishing -e emails that seem to come from Coinbase.
These e -mails warn of suspicious login activity and instruct users to move funds to a Coinbase wallet. Victims are then told to put a malicious wallet address on the white list, without knowing about control of their funds to the malignant attacker.
Coinbase still has to comment publicly on the incidents from the moment of press.
