$15.97 million stolen from Coinbase Commerce

In April 2024, an unnamed merchant account on Coinbase Commerce made a series of suspicious USDC transactions totalling $15.97 million. According to online detective ZachXBT, the funds were stolen by an attacker.

According to the investigation, the money was withdrawn over 16 hours in more than 1,700 transactions of less than $10,000 each, likely to circumvent the exchange's AML systems.

Part of the list of suspicious transactions. Data: ZachXBT.

The USDC was first moved to Polygon and then to Ethereum. There, the assets were converted into ETH and split across three addresses.

Most of the coins have been dormant since then, but some were sent to the eXch automatic exchange and the Stake protocol.

ZachXBT discovered that within a month after the attack, the attacker began boasting of wealth on social networks. During a private conversation on Telegram, the hacker confirmed control of the address where $6 million of the stolen amount was stored.

He also claimed to own an Instagram profile with the nickname Excite and unsuccessfully tried to buy a Telegram account with the same name for $2,000.

Among other things, the owner of the profile identified by the investigator showed off expensive watches and tame monkeys.

Based on open-source data, ZachXBT concluded that the attacker is located in Denmark.

Several commenters took note of the post, which allegedly shows the hacker’s face.

Presumably, the hacker was helped by accomplices. The detective said he has sufficient evidence to bring the perpetrators to justice.

The identity of the victim is still unknown. The platform did not disclose details of the incident.

The investigator himself and commentators on social networks were surprised that the Coinbase security system did not detect or prevent the attack.

“I have a question: why didn’t Coinbase’s AML monitoring system detect this suspicious activity within 16 hours?” ZachXBT concluded.

Some have noticed that the platform applies different standards to private and corporate clients, without limiting transactions for large accounts to avoid causing inconvenience.

“While Coinbase AML is very quick to freeze funds on $10,000 withdrawals from personal accounts, they are certainly not as careful with large corporate accounts due to the risk of losing them,” wrote one X user.

Another commenter said it was comical that Coinbase’s security system could be bypassed by making a few small transactions.

“It’s no secret that $10,000 is the threshold amount for additional checks. But it’s quite funny how, among all the platforms, it is [Coinbase] that did not improve its pattern detection system to identify transactions under $10,000, for example several at $9,000. Great job, as always,” the commenter noted.

According to ZachXBT, the investigation is ongoing.
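The commenters' point about transfers kept just under $10,000 can be made concrete with a sliding-window check that aggregates per account instead of judging each transfer alone. This is an added example, not code from Coinbase or ZachXBT; the window, the count and total limits, the account names and the sample transfers are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 10_000           # per-transfer review threshold cited in the article
WINDOW = timedelta(hours=1)  # assumed look-back window
MIN_COUNT = 20               # assumed: sub-threshold transfers per window
MIN_TOTAL = 100_000          # assumed: aggregate USD value per window


def detect_structuring(transfers, threshold=THRESHOLD, window=WINDOW,
                       min_count=MIN_COUNT, min_total=MIN_TOTAL):
    """Return {account: first alert} for accounts whose sub-threshold
    transfers, aggregated inside a sliding window, exceed both limits.

    transfers: iterable of (timestamp, account, amount_usd), in any order.
    """
    recent = defaultdict(deque)   # account -> (ts, amount) pairs still in window
    totals = defaultdict(float)   # account -> running sum of that deque
    alerts = {}
    for ts, account, amount in sorted(transfers):
        if amount >= threshold:
            continue              # at/over threshold: per-transfer review applies
        q = recent[account]
        q.append((ts, amount))
        totals[account] += amount
        while q and ts - q[0][0] > window:   # expire entries older than window
            totals[account] -= q.popleft()[1]
        if (account not in alerts and len(q) >= min_count
                and totals[account] >= min_total):
            alerts[account] = {"at": ts, "count": len(q),
                               "total": round(totals[account], 2)}
    return alerts


def sample_transfers():
    """Constructed sample data (not from the incident): merchant-A sends a
    sub-threshold transfer every 34 seconds, merchant-B makes normal payouts."""
    start = datetime(2024, 4, 1, 0, 0, 0)
    rows = [(start + timedelta(seconds=34 * i), "merchant-A", 9_400.0)
            for i in range(200)]
    rows += [(start + timedelta(hours=2 * i), "merchant-B", 2_500.0)
             for i in range(8)]
    rows.append((start + timedelta(hours=1), "merchant-B", 25_000.0))
    return rows


if __name__ == "__main__":
    for account, alert in detect_structuring(sample_transfers()).items():
        print(account, alert)
```

The 34-second spacing in the sample roughly matches the average rate implied by the article's figures (more than 1,700 transfers in 16 hours); with these assumed limits the constructed account is flagged on its 20th transfer, under 11 minutes in.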



Source: Cryptocurrency
