ZachXBT: Coinbase’s Negligence Costs Users $300M
Blockchain researcher ZachXBT has accused Coinbase of using flawed risk assessment models and failing to protect users, resulting in hundreds of millions of dollars lost to social engineering scams.
On this page
According to his analysis, based on verified private messages and blockchain transaction tracking, Coinbase users have lost approximately $65 million in the past two months alone, with total losses exceeding $300 million over the past year.
The actual scale of the problem is likely much larger, as ZachXBT does not have access to Coinbase’s internal support tickets or law enforcement reports.
One victim reportedly lost $850,000 after receiving a call from a spoofed phone number. The scammers, armed with personal details about his account, claimed there was an attempted hack and convinced him to transfer his assets to a “secure” wallet via a fake website and phishing emails. The stolen funds were soon consolidated into a single wallet address linked to similar fraud schemes.
Most victims are based in the U.S., while the attackers primarily operate from India. As fraud cases increase, Coinbase has advised users not to use VPNs, warning that doing so could trigger automatic account flags and restrictions, which have already impacted many users. ZachXBT argues that this highlights Coinbase’s inability to respond effectively to the growing threat.
ZachXBT also highlights that victims face significant difficulties when trying to reach Coinbase support, while the exchange itself does little to communicate publicly with users. To address this, he suggests removing the mandatory phone number requirement for accounts with two-factor authentication, introducing restricted accounts for beginners and seniors, and enhancing community engagement.
Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. While the victims are partially responsible it’s unreasonable to expect elderly victims to understand the nuances of email/phone spoofing,
ZachXBT wrote.
He also notes that other exchanges don’t face these issues to the same extent because they place greater emphasis on security, customer support, and user engagement. In any case, he suggests that users consider alternative platforms such as Binance, Kraken, or WhiteBIT, the latter of which is reviewed in our dedicated article.
The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.