Blockchain detective ZachXBT has recently revealed that Coinbase users have been targeted in social engineering scams, resulting in over $46 million in losses within the past two weeks. The most significant theft occurred on March 27, when a single user lost 400.099 BTC worth $34.9 million.
Social engineering scams typically involve phishing messages designed to impersonate official staff. Victims are often tricked into revealing their login details, approving fake transactions, or transferring funds to attacker-controlled wallets under the pretense of securing their assets. Some scams fake security alerts, prompting users to take action that results in funds loss.
ZachXBT Exposes $46M Theft
According to ZachXBT, multiple thefts have occurred throughout March, including cases on March 26 and March 25, where victims lost 60.164 BTC and 46.147 BTC, respectively. Another scam on March 16 stole 20.028 BTC. The funds from these scams were laundered by bridging from Bitcoin to Ethereum via Thorchain and Chainflip before being converted into stablecoin DAI.
The blockchain analyst criticized Coinbase for failing to flag the identified theft addresses in its compliance tools, potentially allowing scammers to continue their operations undetected. He added that the recent theft incidents are not the first time Coinbase users have experienced such a thing.
Notably, in a previous investigation, ZachXBT disclosed that between December 2024 and January 2025, Coinbase users lost approximately $65 million to similar scams. He also warned that the exchange is facing an escalating crisis, with an estimated $300 million lost annually due to social engineering fraud. Nonetheless, at press time, Coinbase has not issued an official statement regarding the latest report.
ZachXBT Uncovers Crypto Thefts
While remaining pseudonymous, ZachXBT has been instrumental in uncovering significant crypto thefts. Since 2021, his efforts have led to the recovery of funds for scam and theft victims. Last year, he was pivotal in exposing a $243 million crypto heist. His investigation identified the criminals, leading to arrests and the recovery of some stolen funds.
Last month, Bybit was attacked, resulting in the theft of approximately $1.5 billion worth of Ethereum. The detective unraveled the hack, traced the stolen funds, and identified patterns consistent with previous cyberattacks. Arkham Intelligence acknowledged his findings and awarded him a bounty of 50,000 ARKM tokens.
Meanwhile, the blockchain sleuth recently criticized Crypto.com for reissuing 70 billion Cronos (CRO) tokens that were declared permanently burned in 2021. He argued that the action contradicted community expectations and undermined the principles of decentralization and transparency.
