Author

Topic: Coinbase UK Agrees to Return 60 BTC to Victim of Email Phishing Attack (Read 144 times)

full member
Activity: 335
Merit: 101
nothing is lost if you don't lose yourself
Does coinbase have the minimum £10000 deposit limit?
Just wanted to buy some eth last week and when I tried to deposit some cash it was showing £10000 minimum... Wtf?
legendary
Activity: 3472
Merit: 1722
is the victim was duped into sending 80 BTC to the hacker's wallet. from that 80 BTC, the hacker then sent 60 BTC to coinbase. pretty dumb move since coinbase mandates KYC. did he never hear of a mixer, coinjoin, etc to break the chain from the spear phishing attack?

My guess is they knew what they were doing, they probably wanted to use someone else's Coinbase and bank accounts, but this time Coinbase actually reacted in a timely manner to a customer support request and prevented the thief from cashing out.
legendary
Activity: 3080
Merit: 1353
Wow!

That's an honest company. Unlike Poloniex which still hasn't paid back what it stole from its customers.

Read my lips: if you have to choose between Poloniex and Coinbase, don't hesitate a single second, go for Coinbase.

We can't really compare Polo and Coinbase as far as handling sensitive cases like this one. Polo doesn't care about who loses or who have been hacked, if we saw their names in the press, they do nothing that's why they have lost in the game since 2017.

While Coinbase wanted to remain on top and will do anything to protect the integrity of their platform and is willing to reimbursement any victims. As for the rookie mistake, yeah, not every so called hacker in this crypto verse is intelligent.  Grin
legendary
Activity: 1652
Merit: 1483
I'm pretty sure that Coinbase wish the con artist had some sense and didn't send the coins over to their platform. This costs them time and money while they are completely innocent in this case.

yep, and not just time and money but bad press. coinbase is super concerned about PR. that's why they paid the victim the full 80 BTC even though only 60 stolen BTC was transferred to their platform.

just like the ETH flash crash in 2017 where they reimbursed everyone who had stop losses and margin calls triggered but also honored filled orders, so if you bought ETH at 10 cents you got to keep it!

that's how you can tell coinbase is extremely invested in their brand and the future, and has the capital to back it up. the polar opposite of poloniex!
legendary
Activity: 3066
Merit: 1047
Your country may be your worst enemy
Wow!

That's an honest company. Unlike Poloniex which still hasn't paid back what it stole from its customers.

Read my lips: if you have to choose between Poloniex and Coinbase, don't hesitate a single second, go for Coinbase.
legendary
Activity: 1526
Merit: 1179
I'm pretty sure that Coinbase wish the con artist had some sense and didn't send the coins over to their platform. This costs them time and money while they are completely innocent in this case.

The thing is that the only way to use Coinbase is to send them your personal information, even when you play around with pocket change--this has been their policy for close to a year now IIRC.

The rookie con at least has been pointed at his mistake in the worst possible way. It will help him to research what Bitcoin really is and what the best course of action is to properly steal coins. Smarter con it will be with time. Cheesy
legendary
Activity: 2702
Merit: 4002
I did not read the details of the article, but I think what happened was that the hacking attacks were not intended to hack.
It was done by a noob or he was able to access that account and does not have a technological background.
Also, coinbase may use it to improve the platform's reputation, although I don't think that's why.
legendary
Activity: 2576
Merit: 1655
This article cointains a bit more info; https://www.ccn.com/coinbase-bitcoin-theft-case/

It indeed seems that the 60BTC has been sent to Coinbase from an external wallet, and thus not an in-ecosystem transfer within Coinbase as I thought it was.

pretty dumb move since coinbase mandates KYC. did he never hear of a mixer, coinjoin, etc to break the chain from the spear phishing attack?
I'm happy for the victim that the scammer was clueless about how to obscure coin taint. It's hard to imagine nowadays, but there apparently are still people who think that Bitcoin is super duper anonymous and for that reason no one can trace you. This is also how a lot of drug dealers have busted themselves by cashing out the proceeds on an exchange they doxed themselves to.

That's funny indeed, I mean we are all under the impression that hackers are supposedly smart enough not to send it to a trading platform that requires KYC. The victim is just lucky though, and that's why he probably chases his 60 BTC because he knows that the hackers has made one of the stupidest thing to do by not hiding or conceal his foot prints in the blockchain.
member
Activity: 246
Merit: 10
For success work hard!
Looks like a good deal. Thank you so much for sharing. I got some details about coinbase fraud. But I was looking to get some more. Here I found some good info about coinbase fraud: https://all-stocks.net/coinbases-fraud-case-dismissed-crypto-exchange-to-pay-for-mismanaging-bitcoin-cash-launch/
legendary
Activity: 2170
Merit: 1427
This article cointains a bit more info; https://www.ccn.com/coinbase-bitcoin-theft-case/

It indeed seems that the 60BTC has been sent to Coinbase from an external wallet, and thus not an in-ecosystem transfer within Coinbase as I thought it was.

pretty dumb move since coinbase mandates KYC. did he never hear of a mixer, coinjoin, etc to break the chain from the spear phishing attack?
I'm happy for the victim that the scammer was clueless about how to obscure coin taint. It's hard to imagine nowadays, but there apparently are still people who think that Bitcoin is super duper anonymous and for that reason no one can trace you. This is also how a lot of drug dealers have busted themselves by cashing out the proceeds on an exchange they doxed themselves to.
legendary
Activity: 1652
Merit: 1483
It's not really settled. Coinbase just moved the dude's coins from the hacker's account back to his own account, which is how it should be done.

I'm actually more stunned by what seems to be stupidity of the hacker who left 60BTC on the Coinbase platform instead of taking them off. If you can get 20BTC off the platform, why not take the rest off too?

the stupid move was sending them there in the first place. the details are lacking but my reading of this---
Quote
Robertson lost his Bitcoin in a spear-phishing attack, when the email account of a firm in which he was investing was hacked. 60 of the stolen Bitcoins were then diverted to a digital wallet that was held by Coinbase. Another 20 were sent to local exchanges.
is the victim was duped into sending 80 BTC to the hacker's wallet. from that 80 BTC, the hacker then sent 60 BTC to coinbase. pretty dumb move since coinbase mandates KYC. did he never hear of a mixer, coinjoin, etc to break the chain from the spear phishing attack?
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
~

As a bit of an insight to the removal of the 20k, coinbase are able to manually change how much you're able to withdraw and everyone in the UK has a withdrawal limit of £50k because you have to send things via Sepa (I think) which requires £10k or more to be withdrawn at once.

The hacker could make more than one account or keep sending the funds within coinbase too.
legendary
Activity: 2170
Merit: 1427
It's not really settled. Coinbase just moved the dude's coins from the hacker's account back to his own account, which is how it should be done.

I'm actually more stunned by what seems to be stupidity of the hacker who left 60BTC on the Coinbase platform instead of taking them off. If you can get 20BTC off the platform, why not take the rest off too? All I can find about Coinbase is a $10,000 daily withdrawal limit, which would have prevented the majority of the other coins to be withdrawn, so the limit must have been higher if you can take out 20BTC.
legendary
Activity: 2576
Merit: 1655
It looks like Coinbase has quietly settled 60 bitcoin to a victim of a phishing attack

Quote
Robertson lost his Bitcoin in a spear-phishing attack, when the email account of a firm in which he was investing was hacked. 60 of the stolen Bitcoins were then diverted to a digital wallet that was held by Coinbase. Another 20 were sent to local exchanges. Roberston then received a Bankers Trust order to reveal the identity of the wallet holder and to see whether it was the same person who made the transfer.

https://cointelegraph.com/news/coinbase-uk-settles-lawsuit-with-victim-of-email-phishing-attack

I can't find anything on Coinbase blog but I received this news from my feed.

The victim here is CEO of Alphabit Liam Robertson.

It could set a precedence but we will see, I don't know if this is the first of a kind that involves huge trading platform such as Coinbase.
Jump to: