Coinbase Users Lose $46M to Scams in March
1min read Coinbase users have once again found themselves in the crosshairs of cybercriminals, with over $46 million lost to social engineering scams in March alone. This alarming figure was revealed by blockchain investigator ZachXBT, who detailed the incidents on his Telegram channel.
On March 28, ZachXBT reported that an unidentified coinbase user had fallen victim to an elaborate theft, losing approximately 400 BTC, valued at around $34.9 million. This incident is part of a broader pattern of targeted attacks affecting users of the US-based exchange. ZachXBT highlighted three separate instances of such attacks this month. On March 16, scammers stole 20.028 BTC, followed by 46.147 BTC on March 25, and another 60.164 BTC on March 26.
After successfully stealing the funds, the attackers reportedly bridged them from Bitcoin to Ethereum using platforms like Thorchain or Chainflip, and then converted the assets into the stablecoin DAI. This method allows the attackers to move the stolen funds more discreetly and convert them into a more stable form of currency.
Despite the significant scale of these incidents, ZachXBT criticized Coinbase for not flagging the associated wallet addresses using its compliance tools. He pointed out that the exchange has consistently failed to identify known theft addresses, indicating a lack of adequate user protection measures. ZachXBT's criticism was clear: "I have yet to see an incident where Coinbase flagged theft addresses (they are part of the problem shows they are not taking care of users)."
Ask Aime: How can Coinbase enhance its security measures to prevent future cybercriminal attacks?
Earlier this year, ZachXBT revealed that Coinbase users had lost around $65 million to scams between December 2024 and January 2025. These losses are part of a larger trend, with over $300 million reportedly lost annually by Coinbase customers to social engineering scams. The scams typically begin with spoofed phone calls using stolen personal data. Once trust is established, victims receive phishing emails that appear to come from Coinbase. These emails warn of suspicious login activity and instruct users to move funds into a Coinbase Wallet. Victims are then told to whitelist a malicious wallet address, unknowingly handing over control of their funds to the attacker.
Coinbase has yet to publicly comment on these incidents. The lack of response from the exchange raises concerns about its commitment to user security and the effectiveness of its current measures to protect against social engineering scams. As the frequency and sophistication of these attacks continue to rise, it is crucial for exchanges like Coinbase to enhance their security protocols and provide better support to their users. 
