A user of the cryptocurrency exchange Coinbase said that $1.7 million in assets were fraudulently withdrawn from his wallet. This happened after unknown people contacted him, introducing themselves as employees of the platform.
CT, a member of the community urgently needs your help.
$1.7 Million Stolen — A good friend’s self custody wallet was drained by a scammer yesterday, July 6th.
TLDR of how it went down below (3 pages)⤵️
You can find the Ethereum transactions with links in the comment below.… pic.twitter.com/OTx3wslz6R
— Tegan.eth 🌅,🦩 (@theklineventure) July 7, 2024
The story was shared by Edge & Node co-founder Tegan Klein. According to him, the victim was contacted by a scammer, claiming to be from a Coinbase representative. To back up his claims, the scammer sent the user an email that was supposedly from the company. The message said the customer was speaking with an “official Coinbase representative.”
The fraudster told the victim about an unauthorized withdrawal of assets from his account, which “must be stopped immediately.” To make the fraudster’s words look convincing, another letter was sent to the client’s email. It showed a transaction indicating the transfer of funds from the crypto wallet.
The attacker eventually redirected the user to a site that required entering a seed phrase to “stop outgoing transactions.” The victim knew that doing so was unsafe. He entered part of the phrase in the appropriate field, but did not send it.
However, this did not prevent hackers from intercepting the mnemonics and picking up the remaining words. A few hours after the conversation, $1.7 million in assets were withdrawn from the user’s account.
Hiro Systems CEO Alex Miller noted that fraudulent resources receive data as it is entered. According to him, unknown people who tried to impersonate Coinbase staff also contacted him. Miller believes that the hackers obtained the personal data of the exchange’s clients as a result of a leak in 2022.
Never enter any information into a site you have a bad feeling about — even if you never hit submit, the bad guys are capturing data as you enter it.
sounds like this user put in part of his seed phrase, which was enough to reduce the entropy and the bad guys brute force the rest. https://t.co/NMpeLcHmdv
— Alex Miller (@alexlmiller) July 8, 2024
Another user of the exchange reported a similar case with fake Coinbase employees. He said that the scammer tried to convince him that his account was blocked and he needed to reset his password. The hacker sent the platform’s client a fake link and hung up when he realized that he could not convince the user to enter his data.
Cybersecurity experts have noted several other similar cases. In each case, unknown individuals used stolen data in combination with social engineering techniques. Coinbase representatives did not comment on the situation at the time of publication of this article.
Stay up to date! Subscribe to World Stock Market on Telegram.
Source: Cryptocurrency
I am an experienced journalist and writer with a career in the news industry. My focus is on covering Top News stories for World Stock Market, where I provide comprehensive analysis and commentary on markets around the world. I have expertise in writing both long-form articles and shorter pieces that deliver timely, relevant updates to readers.
