ZachXBT recently identified a $15.9 million theft targeting a vendor on Coinbase Commerce. Coinbase’s AML did not detect the suspicious activity, and it is currently unclear how the attack occurred.
Some on-chain data and other clues from the culprit’s social media bragging may help reveal his identity, but the investigation is ongoing. As of yet, the victim has not come forward either, complicating the search.
ZachXBT Finds Coinbase Commerce Theft
ZachXBT, a famous crypto sleuth, revealed the progress of this investigation via social media posts. Zach claimed that the initial theft occurred on April 21, in more than 1700 suspicious USDC outflows.
The culprit swiftly bridged stolen USDC worth over $15.9 million to Polygon and then Ethereum. Afterward, this was split into three wallets, and the majority remained dormant.
The criminal has kept his true identity a secret but nevertheless began flexing luxury purchases under the username “Excite.” His face was partially identifiable in some photos, and metadata suggests he may be in Denmark.
ZachXBT stated that he might be able to identify Excite’s real name, but he still had an important question: how did this person breach Coinbase’s security?
“While the identity of the victim in this case remains unknown, it’s clear a strong lead exists to potentially hold this threat actor legally accountable. Due to how the funds were split three ways, I would expect others may have been involved. One question I would have is why did Coinbase’s AML monitoring not flag this suspicious activity within 16 hours,” he stated.
Interestingly, Coinbase has a poor history of AML monitoring. Last year, it received a $50 million fine for violating compliance laws. Commentators under Zach’s posts complained that the firm has been overzealous in restricting law-abiding accounts, but this major crime totally escaped detection.
Last month, ZachXBT investigated another scammer impersonating Coinbase Support. Earlier in February, Coinbase Commerce removed Bitcoin payments due to “operational hurdles.” But clearly, the platform needs to shore up potential problems.
Unfortunately, the victim has not come forward, so we know very few circumstances except their status as a Coinbase Commerce vendor. Continued investigation will hopefully bring more information to light.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Credit: Source link
