據報導，一名Coinbase用戶損失了約3490萬美元的BTC

據Crypto調查員Zachxbt稱，據報導，一名Coinbase用戶向騙子損失了價值3490萬美元的BTC。

A Coinbase user reportedly lost about $34.9 million worth of BTC to scammers, crypto investigator ZachXBT has claimed.

加密調查員Zachxbt聲稱，據報導，一名Coinbase用戶向騙子損失了價值3490萬美元的BTC。

Taking to his Telegram channel ‘Investigations by ZachXBT’ on March 28, ZachXBT pointed out that a staggering sum of 400.099 BTC, valued at approximately $34.9 million, was transferred to an address ‘bc1qvlustvxhqzee9tgqers4tfungrg6c0fs4u76jf.’

Zachxbt在3月28日進入他的電報頻道“ Zachxbt的調查”，指出，400.099 BTC的驚人總和約為3,490萬美元，轉移到了地址'BC1QVLUSTVXHQZEEE9TGQZEEE9TGQES4TGQES4TFUNGRGG6C6C0FS4U76JF。

The funds were later bridged from Bitcoin to Ethereum via Thorchain or Coinflip and subsequently converted to the DAI stablecoin, finally exiting in a mixer. However, Coinbase failed to flag any of the theft addresses from these victims in its compliance tools.

這些資金後來通過胸鍊或共氟化物從比特幣橋接到以太坊，隨後轉化為dai stablecoin，終於在混合器中退出。但是，Coinbase未能通過其合規工具標記這些受害者的任何盜竊地址。

The crypto exchange's customers are losing about $300 million to scammers annually, and about $65 million was stolen between December 2024 and January 2025, which is becoming an increasingly troubling trend.

加密貨幣交易所的客戶每年損失約3億美元，在2024年12月至2025年1月之間偷走了約6500萬美元，這變得越來越令人不安。

The scammers use sophisticated social engineering attacks and mostly target the elderly. Scammers use stolen personal data to trick users by sending fraudulent emails that impersonate official Coinbase communications, including fake case IDs, to lure victims into transferring funds to wallets controlled by the scammers.

騙子使用複雜的社會工程攻擊，主要針對老年人。 Scammers使用被盜的個人數據來欺騙用戶，通過發送欺詐性電子郵件，這些欺詐性電子郵件模仿官方的Coinbase通信（包括假案例ID），以吸引受害者將資金轉移到由騙子控制的錢包中。

“Scammers clone the Coinbase site nearly 1:1 and allow the scammers to send different prompts to the target via spoofed emails using panels,” ZachXBT noted.

Zachxbt指出：“騙子克隆了Coinbase站點的近1：1，並允許騙子通過使用面板通過欺騙的電子郵件向目標發送不同的提示。”

Alongside these scams, Coinbase has faced multiple security breaches, which it never publicly acknowledged. These incidents include compromises involving outdated API keys for tax software sending verification codes to any email address regardless of its association with an account.

除了這些騙局外，Coinbase還面臨多次安全漏洞，從未公開承認。這些事件包括涉及過時的API密鑰的妥協，無論其與帳戶的關聯如何，將驗證代碼發送到任何電子郵件地址。

In 2023, Coinbase Commerce suffered a $15.9 million theft, while a threat actor laundered about $38 million from the BTCTurk hack through Coinbase. According to ZachXBT, these highlight systemic security lapses and inadequate customer support, which he put at the door of Coinbase’s leadership.

2023年，Coinbase Commerce遭受了1590萬美元的盜竊，而威脅演員通過Coinbase從BTCTURK HACK中洗了3800萬美元。根據Zachxbt的說法，這些突出了系統安全的失誤和不足的客戶支持，這是他在Coinbase領導層的大門上。

Coinbase lapses in regulatory compliance and ensuring security

共插基在法規合規性中失效並確保安全

The crypto exchange has also been accused of failing to comply with regulatory frameworks. Its failure to flag addresses related to thefts in monitoring tools creates blind spots in fraud detection.

加密交易所還被指控不遵守監管框架。它未能在監視工具中與盜竊有關的標誌地址會在欺詐檢測中創建盲點。

In contrast, competitors like OKX and Binance are more proactive in managing similar threats. For example, OKX swiftly responds to reports of stolen funds, notifying relevant parties and cooperating with authorities to recover the funds. Similarly, Binance is actively involved in tracking and reporting fraudulent activity to keep its platform and users safe.

相比之下，像OKX和Binance這樣的競爭對手在管理類似威脅方面更加主動。例如，OKX迅速回應了被盜資金的報告，通知相關方並與當局合作以收回資金。同樣，Binance積極參與跟踪和報告欺詐活動，以確保其平台和用戶安全。

Coinbase, however, has repeatedly failed to take decisive action against threat actors, despite being notified multiple times.

但是，儘管多次通知，但Coinbase還是一再未能針對威脅行為者採取決定性行動。

In July 2024, CB Payments Limited, or CBPL, the UK branch of Coinbase, was fined £3.5 million by the UK Financial Conduct Authority for AML violations. CBPL entered a voluntary requirement with the FCA, which prevents the company from servicing high-risk clients. However, it breached this requirement and onboarded and served about 13,500 high-risk clients. The FCA says these breaches were a result of CBPL’s lack of due skill, care, and diligence in the design, testing, implementation, and monitoring of security controls.

2024年7月，Coinbase的英國分支機構CB Payments Limited或CBPL被英國金融行為違規行為罰款350萬英鎊。 CBPL與FCA達成了自願要求，這阻止了公司為高風險客戶提供服務。但是，它違反了這一要求，並為大約13,500名高風險客戶提供了船上的要求。 FCA表示，這些違規行為是CBPL在設計，測試，實施和監視安全控制方面缺乏適當技能，護理和勤奮的結果。

Crypto scams are increasing in frequency and severity. In February 2025, Bybit experienced a massive security breach, which resulted in the loss of about $1.5 billion worth of Ethereum when hackers gained control of an Ethereum wallet during a routine funds transfer between a cold and hot wallet. These incidents show the persistent threat crypto exchanges face.

加密騙局的頻率和嚴重程度正在增加。 2025年2月，拜比特（Bybit）遭受了巨大的安全漏洞，當黑客在寒冷和熱錢包之間的常規資金轉移期間，黑客獲得了對以太坊錢包的控制權，損失了約15億美元的以太坊。這些事件表明加密交換的持續威脅面對。

In response, regulatory bodies are intensifying efforts to make the crypto space safe. For example, the U.S. Securities and Exchange Commission (SEC) is revising its approach to crypto regulations and cybersecurity. SEC Commissioner Hester Peirce emphasized the need for clear regulatory frameworks that define the SEC’s jurisdiction.

作為回應，監管機構正在加強為確保加密空間安全的努力。例如，美國證券交易委員會（SEC）正在修改其對加密法規和網絡安全的方法。 SEC專員Hester Peirce強調需要定義SEC管轄權的明確監管框架。

Criticizing previous enforcement-based approaches, Peirce advocated for principles-based rule-making to foster innovation while ensuring security.

Peirce批評了以前的基於執法的方法，主張基於原則的規則制定，以促進創新，同時確保安全。