ZachXBT, a renowned blockchain investigator, appears not done with crypto exchange Coinbase over lapses in their security system leading to scams. The crypto detective in a “thread” on X detailed how many users have become victims of social engineering attacks on Coinbase. ZachXBT stated that users have lost over $300 million from these socially engineered exploits. How the Crypto Scam Works ZachXBT’s investigations revealed that the scammers employ spoof calls and impersonation of the crypto exchange support team. They also sent phishing emails to lure users into compromising their accounts, as in the Ledger incident in December 2024. They also use leaked personal data to gain users’ trust. To sound convincing, the fraudsters have faked Coinbase’s website and emails, which are difficult to tell apart to the casual observer. The malicious actors then get the potential victims to “verify” their accounts through their private keys . This required the would-be victim to transfer funds to a Coinbase Wallet or whitelisting address. While impersonating the Coinbase support team, they compromise the victim’s security and steal their funds. ZachXBT says the scammers operate from India and primarily target users in the U.S. Surprisingly, between December 2024 and January 2025 alone, Coinbase users lost a minimum of $65 million to theft. This amount does not factor in Coinbase support tickets and police report that ZachXBT could not access. ZachXBT claims that Coinbase has made it difficult to track the theft addresses by failing to report them using compliance tools. Did Coinbase Fail to Wade Off Crypto Scams? The crypto sleuth argues that Coinbase’s risk models have failed to prevent these scams, causing users to lose $300 million. He maintained that these attacks succeeded because of the aggressive risk models that Coinbase adopted to tackle them. Generally, users have suddenly accused Coinbase of restricting their accounts. It appears the malicious actors are exploiting this to scam users. A development ZachXBT has decried as the aggressive risk model has failed to prevent the massive annual loss of funds due to Crypto scams. ZachXBT also highlighted how a Coinbase employee cautioned users via an X post to stop using VPNs so the exchange does not flag them as suspicious. Meanwhile, the crypto detective noted that threat actors block VPNs from phishing sites. According to the investigation, this discrepancy suggests that Coinbase has failed to identify the security issues correctly. He attributes this as the major reason the scammers have succeeded in robbing users of their valuable funds. Coinbase CEO Promises Enhanced Infrastructure In a separate update, Brian Armstrong, the exchange’s CEO, promised a comprehensive overhaul of its system. While more linked to Solana transaction congestion than crypto scam events, the exchange has identified a unique need to upgrade its systems. The trading platform suffered delays in processing Solana transactions in January following the launch of TRUMP and MELANIA. With the event, Brian Amstrong promised a Solana tier-1 infrastructure . The post Coinbase In Spotlight As Crypto Sleuth Flags Social Engineering Scam appeared first on CoinGape .
