据报道，一名Coinbase用户损失了约3490万美元的BTC

据Crypto调查员Zachxbt称，据报道，一名Coinbase用户向骗子损失了价值3490万美元的BTC。

A Coinbase user reportedly lost about $34.9 million worth of BTC to scammers, crypto investigator ZachXBT has claimed.

加密调查员Zachxbt声称，据报道，一名Coinbase用户向骗子损失了价值3490万美元的BTC。

Taking to his Telegram channel ‘Investigations by ZachXBT’ on March 28, ZachXBT pointed out that a staggering sum of 400.099 BTC, valued at approximately $34.9 million, was transferred to an address ‘bc1qvlustvxhqzee9tgqers4tfungrg6c0fs4u76jf.’

Zachxbt在3月28日进入他的电报频道“ Zachxbt的调查”，指出，400.099 BTC的惊人总和约为3,490万美元，转移到了地址'BC1QVLUSTVXHQZEEE9TGQZEEE9TGQES4TGQES4TFUNGRGG6C6C0FS4U76JF。

The funds were later bridged from Bitcoin to Ethereum via Thorchain or Coinflip and subsequently converted to the DAI stablecoin, finally exiting in a mixer. However, Coinbase failed to flag any of the theft addresses from these victims in its compliance tools.

这些资金后来通过胸链或共氟化物从比特币桥接到以太坊，随后转化为dai stablecoin，终于在混合器中退出。但是，Coinbase未能通过其合规工具标记这些受害者的任何盗窃地址。

The crypto exchange's customers are losing about $300 million to scammers annually, and about $65 million was stolen between December 2024 and January 2025, which is becoming an increasingly troubling trend.

加密货币交易所的客户每年损失约3亿美元，在2024年12月至2025年1月之间偷走了约6500万美元，这变得越来越令人不安。

The scammers use sophisticated social engineering attacks and mostly target the elderly. Scammers use stolen personal data to trick users by sending fraudulent emails that impersonate official Coinbase communications, including fake case IDs, to lure victims into transferring funds to wallets controlled by the scammers.

骗子使用复杂的社会工程攻击，主要针对老年人。 Scammers使用被盗的个人数据来欺骗用户，通过发送欺诈性电子邮件，这些欺诈性电子邮件模仿官方的Coinbase通信（包括假案例ID），以吸引受害者将资金转移到由骗子控制的钱包中。

“Scammers clone the Coinbase site nearly 1:1 and allow the scammers to send different prompts to the target via spoofed emails using panels,” ZachXBT noted.

Zachxbt指出：“骗子克隆了Coinbase站点的近1：1，并允许骗子通过使用面板通过欺骗的电子邮件向目标发送不同的提示。”

Alongside these scams, Coinbase has faced multiple security breaches, which it never publicly acknowledged. These incidents include compromises involving outdated API keys for tax software sending verification codes to any email address regardless of its association with an account.

除了这些骗局外，Coinbase还面临多次安全漏洞，从未公开承认。这些事件包括涉及过时的API密钥的妥协，无论其与帐户的关联如何，将验证代码发送到任何电子邮件地址。

In 2023, Coinbase Commerce suffered a $15.9 million theft, while a threat actor laundered about $38 million from the BTCTurk hack through Coinbase. According to ZachXBT, these highlight systemic security lapses and inadequate customer support, which he put at the door of Coinbase’s leadership.

2023年，Coinbase Commerce遭受了1590万美元的盗窃，而威胁演员通过Coinbase从BTCTURK HACK中洗了3800万美元。根据Zachxbt的说法，这些突出了系统安全的失误和不足的客户支持，这是他在Coinbase领导层的大门上。

Coinbase lapses in regulatory compliance and ensuring security

共插基在法规合规性中失效并确保安全

The crypto exchange has also been accused of failing to comply with regulatory frameworks. Its failure to flag addresses related to thefts in monitoring tools creates blind spots in fraud detection.

加密交易所还被指控不遵守监管框架。它未能在监视工具中与盗窃有关的标志地址会在欺诈检测中创建盲点。

In contrast, competitors like OKX and Binance are more proactive in managing similar threats. For example, OKX swiftly responds to reports of stolen funds, notifying relevant parties and cooperating with authorities to recover the funds. Similarly, Binance is actively involved in tracking and reporting fraudulent activity to keep its platform and users safe.

相比之下，像OKX和Binance这样的竞争对手在管理类似威胁方面更加主动。例如，OKX迅速回应了被盗资金的报告，通知相关方并与当局合作以收回资金。同样，Binance积极参与跟踪和报告欺诈活动，以确保其平台和用户安全。

Coinbase, however, has repeatedly failed to take decisive action against threat actors, despite being notified multiple times.

但是，尽管多次通知，但Coinbase还是一再未能针对威胁行为者采取决定性行动。

In July 2024, CB Payments Limited, or CBPL, the UK branch of Coinbase, was fined £3.5 million by the UK Financial Conduct Authority for AML violations. CBPL entered a voluntary requirement with the FCA, which prevents the company from servicing high-risk clients. However, it breached this requirement and onboarded and served about 13,500 high-risk clients. The FCA says these breaches were a result of CBPL’s lack of due skill, care, and diligence in the design, testing, implementation, and monitoring of security controls.

2024年7月，Coinbase的英国分支机构CB Payments Limited或CBPL被英国金融行为违规行为罚款350万英镑。 CBPL与FCA达成了自愿要求，这阻止了公司为高风险客户提供服务。但是，它违反了这一要求，并为大约13,500名高风险客户提供了船上的要求。 FCA表示，这些违规行为是CBPL在设计，测试，实施和监视安全控制方面缺乏适当技能，护理和勤奋的结果。

Crypto scams are increasing in frequency and severity. In February 2025, Bybit experienced a massive security breach, which resulted in the loss of about $1.5 billion worth of Ethereum when hackers gained control of an Ethereum wallet during a routine funds transfer between a cold and hot wallet. These incidents show the persistent threat crypto exchanges face.

加密骗局的频率和严重程度正在增加。 2025年2月，拜比特（Bybit）遭受了巨大的安全漏洞，当黑客在寒冷和热钱包之间的常规资金转移期间，黑客获得了对以太坊钱包的控制权，损失了约15亿美元的以太坊。这些事件表明加密交换的持续威胁面对。

In response, regulatory bodies are intensifying efforts to make the crypto space safe. For example, the U.S. Securities and Exchange Commission (SEC) is revising its approach to crypto regulations and cybersecurity. SEC Commissioner Hester Peirce emphasized the need for clear regulatory frameworks that define the SEC’s jurisdiction.

作为回应，监管机构正在加强为确保加密空间安全的努力。例如，美国证券交易委员会（SEC）正在修改其对加密法规和网络安全的方法。 SEC专员Hester Peirce强调需要定义SEC管辖权的明确监管框架。

Criticizing previous enforcement-based approaches, Peirce advocated for principles-based rule-making to foster innovation while ensuring security.

Peirce批评了以前的基于执法的方法，主张基于原则的规则制定，以促进创新，同时确保安全。