"Coinbase Users Lose $65M in Social Engineering Scams; Crypto Thief Charged in $65M DeFi Heist"

Cryptocurrency exchange Coinbase users have reportedly lost over $65 million to social engineering scams between December 2024 and January 2025, according to onchain investigator ZachXBT. The figure may be significantly underestimated as it does not include unreported cases to Coinbase support or the police.

ZachXBT detailed how scammers exploited stolen personal data from private databases to execute their schemes. One method involved sending victims a counterfeit email, appearing to be from Coinbase, alerting them of multiple unauthorized login attempts. The fraudulent communication included a bogus case ID and directed the victim to move funds to a Coinbase Wallet and whitelist a certain address.

Scammers also created nearly identical replicas of the Coinbase website, enabling them to send deceptive prompts to targets through spoofed emails. Multiple Telegram channels exist where scammers promote and sell these fake panels. ZachXBT estimated that the annual losses from such scams exceed $300 million and criticized Coinbase for not adequately addressing the issue.

Coinbase often fails to report scammers' addresses, allowing thefts to continue for weeks. A Coinbase employee advised users on an unspecified platform to avoid using VPNs to prevent being flagged as suspicious. However, threat actors typically block VPNs on phishing sites, indicating a misdiagnosis of the problem by Coinbase.

ZachXBT called on Coinbase's leadership to take urgent action to combat social engineering scams. He suggested making phone number input optional for KYC-verified users, introducing a beginner account type with restricted withdrawals, and enhancing community outreach to better protect users from these types of attacks.

In a separate development, Canadian national Andean Medjedovic faced charges from the United States Department of Justice. He is accused of committing wire fraud, computer hacking, attempted extortion, and money laundering in connection with the alleged theft of approximately $65 million worth of cryptocurrency from two decentralized finance (DeFi) protocols, KyberSwap and Indexed Finance.

Medjedovic allegedly exploited smart contract vulnerabilities within the liquidity pools of these DeFi protocols, stealing about $48.8 million from KyberSwap and $16.5 million from Indexed Finance. The alleged cybercrimes have led to significant financial losses for investors in these liquidity pools.

The KyberSwap