ZachXBT Reveals Coinbase Users Lost $150 million in Social Engineering Scams

In Brief
- A Coinbase user lost $11.5 million to a social engineering scam on Base, the exchange’s layer-2 network.
- ZachXBT revealed that at least $150 million has been stolen from Coinbase users through similar scams.
- These incidents mount concerns over the US-based crypto exchange security measures.
A Coinbase user has reportedly lost 110 cbBTC, valued at $11.5 million. The loss occurred after the user fell victim to a social engineering scam on Base, the Ethereum layer-2 network backed by the exchange.
On January 31, blockchain investigator ZachXBT uncovered the exploit, linking it to a broader pattern of fraud affecting Coinbase users.
ZachXBT Exposes $150 Million Stolen in Growing Coinbase Fraud Crisis
According to ZachXBT, the stolen cbBTC—Coinbase’s wrapped Bitcoin product—was swiftly laundered across multiple instant exchanges. The attacker swapped, bridged, and moved the funds through various platforms before consolidating them with other stolen assets on Ethereum. These actions make recovery nearly impossible.
The investigator pointed out that this incident is part of a growing trend, with multiple Coinbase users suffering similar losses. He estimates that scams of this nature have drained at least $150 million from Coinbase customers.
“Coinbase has a serious fraud problem. I just uncovered many more recent thefts from Coinbase users. The $150 million stolen from Coinbase users in a year is just from thefts I independently confirmed. So it’s more than likely multiples of this number,” ZachXBT stated.
Coinbase has not yet commented on the latest exploit. However, scams involving fraudsters impersonating Coinbase support have become increasingly common.
These attackers use phishing emails, spoofed calls, and other deceptive tactics to trick victims into revealing private keys or login credentials. Once they gain access, they drain wallets, move funds, and take control of accounts.
Get to know Godleak
Godleak crypto signal is a service which provide profitable crypto and forex signals for trading. Godleak tried to provide you signals of best crypto vip channels in the world.
It means that you don’t need to buy individual crypto signal vip channels that have expensive prices. We bought all for you and provide you the signals with bot on telegram without even a second of delay.
Godleak crypto leak service have multiple advantages in comparision with other services:
- Providing signal of +160 best crypto vip channels in the world
- Using high tech bot to forward signals
- Without even a second of delay
- Joining in +160 separated channels on telegram
- 1 month, 3 months , 6 months and yearly plans
- Also we have trial to test our services before you pay for anything
For joining Godleak and get more information about us only need to follow godleak bot on telegram and can have access to our free vip channels. click on link bellow and press start button to see all features
Join for Free
☟☟☟☟☟
https://t.me/Godleakbot
Also you can check the list of available vip signal channels in the bot. by pressing Channels button.
 
Last December, a Coinbase Commerce vendor lost $15.9 million with no intervention from the exchange’s anti-money laundering (AML) system. Before that, an imposter stole $6.5 million in October 2024 using a phishing scheme while pretending to be part of Coinbase’s support team.
“I receive inbounds every week from Coinbase users falling for targeted social engineering scams which result in millions of dollars of losses each month. Coinbase does not help the victims and no other major exchange has this same issue. The leadership is completely out of touch with actual threats and cites obscure internal policies to abscond itself of any responsibility even when it’s the right thing to do,” ZachXBT wrote on X (formerly Twitter).
These incidents highlight growing security concerns for Coinbase users. As the largest crypto exchange in the US, the company faces increasing pressure to improve fraud detection and safeguard its customers from sophisticated cyber threats.
If these scams continue unchecked, they could further erode trust in centralized exchanges and highlight the urgent need for improved security protocols.