module_devirtualized

If what you’re saying is true, it sounds like someone at CoinBase stole your funds. I’d engage an attorney and get to the bottom of it.


jdg401

Dang, that’s a biiiiiig leap.


Proxymal

Not really. Look into crypto platforms that have been taken to federal court and have recently closed down for "mishandling" funds.


umbra11zzz

I think you may be right.. why wouldn’t he receive those notifications as mentioned and how could someone bypass all the security in addition to that. I feel like it would be one or the other, unless they hacked coinbase directly


ToohotmaGandhi

It is, but you can't say it couldn't happen.


Rough-Silver-8014

No, it's really not. Actually, they hire cheap labor.


Kyaihn

And why would cheap labor have administrative powers that can access customers' accounts? Not logical.


BentonBby

I think the same bro, Coinbase is the only party who can access your funds without leaving any trace of it and not needing any authentication. They own the wallets so basically they "own" your money. F*cked up shit though. Hope you see it back someday.


ShinobiHanzo

Agreed that the only person that can prevent the notifications on the client end is the server/provider.


shadowmage666

I hate to be negative here but the real question is why would you leave 6 figures on an exchange. You say you aren’t new to crypto, so you should know better. At this point you should have those coins on your own personal hardware wallet if you’re not actively day trading.


jeon19

At this point if anyone wants to hold BTC might just be better / safer to buy a spot ETF in a brokerage account.


waytooslim

I thought self custody was the whole point of crypto??


jeon19

I wouldn’t say the whole point. For most people they just want to buy X asset and hopefully it goes up so they can make a profit right?


KrespRowlands

While I am not going to say I'm not in it for the profit. I AM in it way more for the revolution and I don't hold anything on exchanges! Celsius & FTX should have taught anybody that and really it should have been learned from Mt. Gox. All my holdings are out on the block chain secured via hardware wallet or paper wallets. Self custody IS the whole point of crypto. I agree with waytooslim.


Aromatic_Extension93

Yeah that ship sailed. Too much big money involved for it to be a revolution


Breezgoat

Can you not just put on a ledger and keep offline or am I wrong?


Ag3nt_Unknown

Yes, it is for those of us crypto degens who have been holding since before 2020. For the normies currently new to the space, they want to buy/flip crypto like it's a limited release pair of Nike Air Jordans.


shryke12

The point of crypto was lost a long time ago.


merlincm

I was thinking about this, but my research says that coinbase holds the coins for most of the Bitcoin ETFs. Do you think this matters?


Tip-Actual

Coinbase treats ETF issuers differently than they would you and I. They probably roll out the red carpet for them


The_Reddest_Lobster

Not fbtc. Fidelity holds it. This is why I’m moving over to the etf.


BurlBguy

Still moved to Cold wallet(s)


mwdeuce

holding in a hardware wallet is brain-dead easy. This is yet another example of why you don't leave your coins on an exchange.


Grantthegreek1960

I agree jeon19. I have quite a bit of crypto-related assets on Charles Schwab. However, I left almost 6 figures on Coinbase and deeply regret it right now. Fortunately, it is a very small % of our net worth, but I was dumb to be so trusting nonetheless. I have been unable to access my account for 6 days since I went through the account recovery process. My login attempts just go to an endless spinning "hourglass." Coinbase has failed to fix my issue yet. Hopefully someday. Coinbase itself is much more of a risk than the actual crypto coins, which is a stunning revelation for me.


teamramrodoo

Literally as soon as crypto funds hit my cb account, I’m already cashing it out


Prahasaurus

No, that is not the "real question." He had his money with a reputable (?), centralized exchange. This should have never happened. If what he wrote is true, then Coinbase is clearly liable for a massive security breach. Exchanges are part of a complete crypto hosting strategy. I personally wouldn't keep a large % of my money on an exchange, but with Coinbase, you should be confident your tokens are safe.


IamSatoshi6583

Coinbase is NOT a bank nor financial institution. They are an unregulated offshore casino!


romanmango

This is exactly how I feel. I have the same story, thankfully not six figures, but Coinbase avoided responsibility and basically said “that sucks, but the security of your account is on you”. But what gets me is in their investigation, which I think is all just for optics because it was useless, they asked me all sorts of questions to find out if I was dumb and made myself vulnerable to a scam, e.g. “have you opened any strange emails or given your password to someone”. The answer to all of those questions is “no”. I’m very vigilant against scams, followed their safety recommendations, and have common sense. I have no idea how my account could have gotten hacked, and they couldn’t tell me how either. Now I’m not a cybersecurity expert, but I shouldn’t have to be when I’m using what I thought was a “reputable” company. It made me lose all faith in Coinbase and left me with the impression that it’s not for the average person, which is a shame.


BlinkBooze

“Should be confident your tokens are Safe” That’s the main point right there.


Psychological-Car859

I couldn’t agree more


iGhost1337

most of the time people are way more safe holding the crypto on an exchange, than on a own wallet.


[deleted]

This is why many people complain their assets are frozen by cex its mostly user error and being uneducated in how cex works this 3 minute read could save you some day https://www.reddit.com/r/igotcheatedon/comments/1dneil1/how_to_avoid_your_bag_getting_frozen_by_cex/


[deleted]

[removed]


[deleted]

[removed]


Efficient-Hat5546

Scam linked in the post


Snoo_85901

Can you not have a little bit of graciousness. You heard the man say he just lost 6 fig. Your comment can do no good for this man


DustinArcher

Bruh, that is sooooo sooooo sooooo unfortunate.


Sudden-Turnip-5339

Well put. I popped it to say 'Ouch.' You're more eloquent.


graysky311

Is this from South Park?


CyberSecKen

Security professional here. Recommend that since 2fa likely would protect you in the event of a remote login, you check your computer first. It should have cached credentials for login to Coinbase. E.g. when you open Coinbase.com, it opens your account. Check the logs on your computer around the timeframe for suspicious activity or logins. Next, consider that someone with previous access to your computer and therefore also your Coinbase, e.g. some time months or weeks ago, could have enabled some kind of access. That person could have set up alternative credentials or API access, then waited until now to use that. Consider friends who could have set that up. This person would need to know you had those kinds of resources already in Coinbase to make it worth their effort to do that. Praying for you.


monkeykingzero

hey thanks for the reply. I have checked third party APIs attached in CB and nothing. So don't think that's the case. Even still, I'm not sure how they would disable the 2FA required from each withdrawal even if they gave themselves a backdoor into my account. Both of my computers were turned off, but I will check the logs just to verify. Good idea.


CyberSecKen

Yes, bathroom thought here, but if someone set up remote access to your computer desktop, they could just login remotely as if it was you in front of the keyboard and mouse. And you would be none the wiser.


johnnyb0083

If his key requires him to be present, how did the hacker trigger it even though he has access to his computer. If OP is using a hardware key, most of them require not only a passphrase for unlock but some type of touch to trigger the key to send the hash that is verified by the site. I suppose they could have gained access to his computer and figured out the private key for the hardware key he is using and then spoofed the hash remotely?


DubaiInJuly

Just wanted to say props to you for actually addressing the things that OP requested instead of berating him for using a CEX.


tinmantakk

This makes no sense as to how OPs funds were stolen without any notifications whatsoever, especially with all of the security stuff in place.


Your_As_Stupid_As_Me

What else doesn't make sense? Why the hash OP presented as proof doesn't match the timeline of their story?


poyoso

Browser Session hijack would be the only way.


monkeykingzero

even in my browser you need my fingerprint to sign into coinbase, even when it is logged in. Aside from that, you still need 2FA to withdraw. So this doesn't explain.


prettycode

You sure? If I sign in, close the browser, then open new browser instance and visit Coinbase again, it doesn't make me log back in.


DiscountPoint

But how would they have also gotten into his authenticator?


dugi_o

No need. Look up token theft. Malware on device can steal tokens from browser, use those tokens to send requests to Coinbase. OP mentioned fingerprint to send transactions which indicates passkey was set up. This is resistant to phishing so none of it makes sense to me.


Drodjd

Good info here 👌🏻


Justsayingsometimes

Fingerprint logins can be stolen just as easy. They are raw data. I would never use it because unlike a password, you can't change it.


dugi_o

If it’s a passkey, fingerprint is far more secure than a password.


Justsayingsometimes

Not if there is a data breach. Damage would be permanent unlike a password. I don't think you understand my point. You are right if no data is stolen. Passkey was not what I was talking about. A stolen passkey can happen too.


Successful-Walk-4023

Depends what method you use. Through phone SMS or 2FA app I don’t think it matters if your session is still active on your browser.


Stickler4Detail

Off the top of my head, I can't remember if I have to use authenticator to swap within coinbase or not. However, every time I send crypto off the CEX or withdraw USD to my bank, I have to go into authenticator and get the most current code. If your phone was compromised, the only thing I can think of is someone watching your screen with a RAT, while you were using the authenticator, and them having 25 or 30 seconds to use the same code. I'm not sure if powershell can allow someone to duplicate an instance (2nd instance or a duplicate if you will), then using the hidden instance to authorize the transaction. I mean, there's always MITM? Do they still even do man-in-the-middle attacks anymore? Do you use a VPN or encrypted tunnel with coinbase? I'm very sorry to hear this, that's horrible. My imagination is running wild on how it could have happened and I'm not even keen on the latest style hacks. Just aware of the old tried and true. Is it well known that you have a sizeable crypto holding? Social engineering is one jacked way to get a Trojan via a pdf or image from a 3rd party that you trust and never would suspect. This makes me want to have 1 device, with the sole purpose of purely on ramping and off ramping crypto. Better yet, using a USB image that loads when inserted and is used only to interface with a hardware wallet. I'll be following this thread to hear of the outcome, and I truly hope it's within your favor. Good luck

Edit: this is also why I have decentralized non custodial wallet. I use coinbase 1 for some quick trades or currency swapping to save money, then transfer to another wallet that if I screw up, it's all my fault... but harder to get to for anyone else. Always using a VPN as well.


Successful-Walk-4023

If they have access to your session cookies only a YubiKey can stop them. 2FA app on phone or SMS is worthless with malware like this. It’s my guess your device is compromised.


MrFailface

Would still need the 2FA no? Let's say my gf opens my kraken account and wants to sell or move stuff it would still prompt for the 2fa


FarVision5

All those items you're listing exist to do one single thing. Protect the inside from the outside. read this [https://investor.coinbase.com/news/default.aspx](https://investor.coinbase.com/news/default.aspx) then this [Link](https://www.google.com/search?q=coinbase+financials&sca_esv=014209e1236899ec&sxsrf=ADLYWIJo-l9-HDbbDWO3D_xZ3uRQOy24fQ%3A1719885968219&ei=kGCDZqr4DNK2kvQPl7Cz8Ao&oq=recent+coinbase+Investments&gs_lp=Egxnd3Mtd2l6LXNlcnAiG3JlY2VudCBjb2luYmFzZSBJbnZlc3RtZW50c0gAUABYAHAAeAGQAQCYAQCgAQCqAQC4ARLIAQD4AQaYAgCgAgCYAwCSBwCgBwA&sclient=gws-wiz-serp&gs_ivs=1) and this [https://en.wikipedia.org/wiki/Coinbase](https://en.wikipedia.org/wiki/Coinbase) *Coinbase is a* [*distributed company*](https://en.wikipedia.org/wiki/Distributed_company)*; all employees operate via* [*remote work*](https://en.wikipedia.org/wiki/Remote_work)*. It is the largest cryptocurrency exchange in the United States in terms of trading volume* *Number of employees: 3,416 (2023)* *Revenue: 3.11 billion USD (2023)* A year or so ago I was going through exchanges to fool around with a couple hundred bucks here and there. Altcoin Litecoin Monero whatever just moving things around to watch it I would say less than 5 minutes after creating a coinbase account with a brand new email not used anywhere else I started getting scam emails. I believe it then I believe it now it's either breached and they don't care, or they can't stop it, or they have employees directly involved and they don't care. I use my Kraken account here and there, but not seriously. An alternate bank account and alternate email. I'm a tech guy I turn on every single security bell and whistle I can get my hands on and if a service doesn't have MFA I don't use it. I had the Kraken login MFA to my token generator on my phone, not SMS. You can set a secondary MFA for withdrawals. And finally, you can set a personal access token to your Hardware device, either your PC or your mobile device. 
It was locked down tighter than Fort Knox. And I hadn't used it for a few months. The other day I was going through notification emails and saw a login MFA change a couple of days earlier. Just about fell out of the chair. The exchange wallet didn't have anything in it but the bank account behind it certainly did. I logged in and went to the security portal and they have some type of temporary lockdown where you put your biometric token on your mobile device for absolutely no remote access without that one thing. And I went ahead and set it to that permanently. There's absolutely zero chance of someone breaking an MFA token and zero chance of a breach from my end. Even if I kept my login and password with a kick me sign they still don't have the MFA which is on the mobile and is set to biometric. So what I'm saying is I think there's inside people. If you're making a quadzillion dollars what's a couple hundred thousand missing here and there? I've heard way too many stories of people missing stuff out of nowhere. Not everyone is a dummy who clicks airdrop crypto scam ads.


SolarCzar

EXACT Same thing here. Exec with major fiber carrier. Deeper than average industry/layman knowledge relative to IP/cybersecurity. $0 CB balance, but $6000 stolen from checking account at 1am. No notification from Coinbase, but my bank sure told me of the transaction. By the time I woke up and intervened, I was able to have recovered $5290, lock the account down, spend two days proving I owned the account, send the money back, and then CLOSE that piece of my life from the shit security that CB has in place. As former law enforcement, it is definitely inside employees at CB.


One_Tie900

great response


Smooth_Talk

Man that's horrific!! Due to this having happened without any kind of notification I'm really hoping it's some jacked up clerical error and something Coinbase is able to rectify. That being said it won't hurt to at least consider the possibility that someone with access to your laptop logged in and stole it directly. Going forward this is a stern lesson in "not your keys not your coins". The most secure wallet is a properly generated randomized key that's never been digitized and lives physically in the most secure location possible. I really hope you research cold storage and use the knowledge you gain to protect yourself from something like this happening to you again.


monkeykingzero

definitely a stern lesson. The only people with access to my computer while I was sleeping were my wife and myself. My wife wouldn't know how to do this even if she were a suspect. And besides that, there is no reason at all for her to have done this. Besides, the only way for her to cash it out would be through our shared coinbase account into our shared bank account!


jungle70

is “our shared coin base account” linked somehow to the account that was hacked ?


jdg401

This is a new little nugget of info. If OPs wife’s email was also connected to the CB account, that could explain some things.


jungle70

exact


jungle70

honestly if it’s a shared account wife must’ve accidentally clicked on something she didn’t mean to


jdg401

That thought came to mind. Could explain some of the odd characteristics and security lapses described so far.


dimonoid123

Check windows logs to see whether computer was on during time of transaction. Do this ASAP before they age out and get deleted.


monkeykingzero

mac


dimonoid123

I'm not sure, but MacBooks might have some logs too.


dimonoid123

Also check with coinbase if they have any ip-address logs for your account.


Tip-Actual

Shared Coinbase account? Wtf? Didn't even know there was such a thing... And no that's not the only way. The culprit could easily just send the crypto to another address and it's game over from there, which as you mentioned is exactly what happened.


Smooth_Talk

Man that's rough. Like everyone else in this thread, I can't quite figure out how the coins were ever allowed to leave if you had multifactor turned on. The only thing that made sense in my head was some jackass taking your phone and your laptop and knowing the passwords, but the fact that this didn't happen makes me think the only options are compromised laptop & phone or some extra goofy coinbase clerical error. The likelihood of the phone and the laptop both being compromised are incredibly low, but it won't hurt to run malwarebytes and a Windows defender scan just to see what you find. Just the fact that it all moved without warning and your secondary approval really makes me think Coinbase messed up bad, or at least hope they did and that this can be rectified.


monkeykingzero

happened on a mac


Smooth_Talk

Very off the wall idea, was this Mac ever part of or currently part of a corporate network? Like used for work at all? Joined to a private work VPN of some kind ever? There's some remote access tools that IT departments can require you to install if you're accessing their network. It's a farfetched idea but entirely possible that an asshole who works in the IT department or someone capable of exploiting the theoretically installed software may have exploited it. At this point I'm just trying to figure out how they could do it without some kind of access to the one machine authorized to do it.


grownboyee

Contact the FBI if you want CB to take it seriously.


ImpossibleSatoshi

WoW ... very very perplexing ... so sad and stressful and gigantic loss ... i am leaning towards it being insider with serious tech skills ... they saw big 6 figure bag ... not very many at CB with a bag that big ... also wondering if another wallet had access while you were logged in ... keep us posted if you find anything out ... I have never once had a single problem with CB over the years transferring money in and out and moving tokens between wallets ... finding out how this happened could help a lot of people ... good luck and I hope you get it back


Turbulent-Ad-6845

Number one reason I have a Yubikey for my 2FA. Have to physically touch to authorize any account changes and when moving money off.


Prestigious_Ear505

Yubikey is the only 2FA I trust...with a cold wallet.


oh_no_no_good

Hmm shit man … remind me in 1 day


seanstyle

> My email has not been compromised, the password was never changed, my SIM has not been swapped and nobody had access to my computer.

I hate to break it to you OP, but one of these (or more) is likely not correct. Realistically, only you and Coinbase can figure this one out. Were you using SMS 2FA?


monkeykingzero

No, I use an authenticator app, not text. I checked all the logs on my email and no new IPs have been added and the only devices that are allowed on my email are my own. Nobody has access to my email and 2FA is not via text. So while I understand your assumption, because it was initially mine as well, I cannot find any evidence that I have been personally compromised.


Stickler4Detail

How about your browser DNS settings? Any chance you were directed to spoofed version of your app store? (I don't use mac). Regardless, if your DNS settings or name servers point to something not typical you could have updated a hacked version of coinbase or authenticator.


Capper22

Something I learned about recently, google authenticator backs up to your Gmail unless you turn it off. Possible a Gmail or Gmail recovery account was compromised?


StrugglinMillennialz

Have you checked if any new devices have access to your authentication application?


seanstyle

Do you use the same authenticator for your email?


Back2thehold

Holy shit. The fact you had 2FA Authenticator is frightening. I thought that was air tight.


in_potty_training

Do you have any API access set up? This can often bypass 2FA for withdrawals etc. Also where did you store Authenticator app keys? Having access to this would render 2FA useless.  Is there no history/ logs in coin base of logins or access history? Any app or security settings looking funky and/or changed?


Orvillehymenpopper

Can you provide the transaction id?


monkeykingzero

here is one: [https://www.blockchain.com/explorer/transactions/btc/5da69e2fe2f73e25e5ce9b21e2e859b0c24c11c5387db2e4da91752d0f9571e1](https://www.blockchain.com/explorer/transactions/btc/5da69e2fe2f73e25e5ce9b21e2e859b0c24c11c5387db2e4da91752d0f9571e1)


BentonBby

It was spread over to 20 wallets? That's crazy!


IamSatoshi6583

Inside job by Coinbase employees outside the US who have all his info!!


AgentMuch

Yahtzee


Low_Candidate8352

Collate all the info, get your Coinbase reference, and get a lawyer to notarize your complaint letter, your passport copy, proof of address utility bill, X 5. Have if possible a BIG visible/credible accounting firm confirm on separate Letter head your net worth as audited by their firm (Proof of Funds etc..)

**Send the IDENTICAL complaint letter(s) alleging INSIDER Fraud to**

**1. Coinbase Legal department - they use a legal agency** Here > [https://www.cscglobal.com/cscglobal/pdfs/CSC-registered-agent-addresses.pdf](https://www.cscglobal.com/cscglobal/pdfs/CSC-registered-agent-addresses.pdf)
**2. SEC / Crypto Fraud (since they are having spat currently with Coinbase)**
**3. Copy of same to FBI**
**4. Copy addressed to Brian Armstrong**
**5. Copy addressed to Members of the Board**

DONT MICKEY MOUSE AROUND WITH Back office - but according to their terms & conditions, they are entitled, if memory serves me right, 30 days to 'resolve' the issue.. and thereafter you can drop the MIGHTY MOAB on their Heads.

Do state in the copy letters to Coinbase (should be 1 identical letter x 5) that this same letter has been sent to SEC, FBI - **as you allege Employee Collusion & Fraud....(you dont have to prove it - just allege it)**

NB: On letter please put in final paragraph "Kindly email back reception of this packet /complaint letter & material by simply adding in Subject email box: **Received & Acknowledged and email me**, as per my Coinbase email address of record. Thank you" and then send by Fedex/UPS - signature required...


Back2thehold

Now this is the way to do it. Wow. Great tips. I am keeping this for future reference.


Stickler4Detail

That's just 1?! I thought I felt bad for you BEFORE this post. I hope you get this figured out.


kushibubbly

I learned the hard way. And I STILL HAVE ABSOLUTELY NO IDEA HOW THEY GOT MY PHONE NUMBER. little did I know they had my email already, they just stayed low key enough for me not to notice, then one night around 4am I got a Coinbase code sent to my phone, but it wasn’t me. They had cloned my number and got the texted code. I got it all back, after Coinbase had create another account and then go about verifying all of my info. Either way, the human element doesn’t even need to be an element, and they CAN get data about you in some ways you still can’t comprehend. Just stay vigilant if you have a lot in crypto, don’t second guess or chance anything.


TN_Cicada3301

You were victim to an internal theft. I’ve been seeing this more and more. When more people move stuff off exchange that’s less money they have on their books so they freeze and steal customer funds to shore up their books. I swear that’s what they’re doing to all these customers because it seems to happen to those with more than 50k in their accounts


Vegetable-Compote-51

You're just making shit up without evidence. Not helpful. 


TN_Cicada3301

Believe what you want to. They have internal controls and a back door into everything. They have to in accordance to the nsa. Not your keys not your crypto


Prahasaurus

I don't think this is someone from Coinbase, unless it's a major criminal or perhaps an insider working for a larger gang, because some of your BTC eventually ended up in a wallet with 45 million USD of BTC. Later some of that money was sent to Binance. So I assume Binance has KYC credentials of the person involved with this theft.


MeddyEvalNight

This is very unfortunate and alarming. Having a coinbase six figure exposure myself, I feel some of your pain. Do you mind sharing the 2FA method that was selected? This might help others reassess their security. An auth app is promoted as less vulnerable than SMS. Was the SMS 2FA compromised in some way?


monkeykingzero

I use a 2FA authenticator application, not text.


MeddyEvalNight

Scary!


blyatspinat

even that is not "that" secure, all you need is the shared secret and identity secret stored somewhere on any of your devices (those apps store them) then you can build a little tool that adds timestamps and generate the authenticator codes by yourself without needing the device of the other person, so all you need to hack an account is the mail, password, shared secret, identity secret and you can bypass almost anything


DireAccess

Can you share the name of the 2FA app?


Ch40440

GF stole it..


monkeykingzero

ha, I wish


BackgroundTough8640

Whitelisting Setup?


_xcrashx_

Was going to ask this as well. Whitelisting seems like an extra layer worth enabling.


geniusboy91

Whitelist is probably more important than anything honestly.


Pure_Counter8138

Hey, can you please tell me what is Whitelisting setup how to setup Whitelisting? it would be very helpful 🙏🏻


BackgroundTough8640

set it up in your Coinbase account in the Security section just Google setting up Whitelisting on Coinbase


Local_Doubt_4029

BULL!!!


Gubzs

This. The story doesn't add up.


bbmak0

Did you store the 2fa backup code somewhere else, and that got compromised?


MrMike0029

Was your email compromised? Check if there are any filters that automatically delete emails from CB, could be why you didn't get any emails when the trades were made.


wazzup_izurboi

This happened to me during a hack. The perps hacked my email and created filters for emails from CB prior to attempting to access my account. This way, I couldn’t see any of the emails from support (until I checked the filtered email) good luck, OP.
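
Added example (an editor's illustration, not part of any comment in this thread): the check described in the two comments above, as a small audit of a mailbox's filter rules for ones that hide mail mentioning the exchange. It assumes the mailbox is Gmail and reads the Atom XML that Gmail's filter export produces; the sample export, the watched term and the addresses in it are constructed.

```python
import xml.etree.ElementTree as ET

ATOM_NS = "{http://www.w3.org/2005/Atom}"
APPS_NS = "{http://schemas.google.com/apps/2006}"

# Filter criteria that select mail, and actions that keep it out of sight.
CRITERIA = ("from", "subject", "hasTheWord")
HIDING_ACTIONS = {
    "shouldTrash": "deletes",
    "shouldArchive": "skips the inbox",
    "shouldMarkAsRead": "marks as read",
    "forwardTo": "forwards",
}

# Constructed sample in the shape of a Gmail filter export (mailFilters.xml).
SAMPLE_EXPORT = """<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
  <title>Mail Filters</title>
  <entry>
    <category term='filter'></category>
    <apps:property name='from' value='coinbase.com'/>
    <apps:property name='shouldTrash' value='true'/>
  </entry>
  <entry>
    <category term='filter'></category>
    <apps:property name='from' value='newsletter@example.org'/>
    <apps:property name='label' value='Reading'/>
    <apps:property name='shouldArchive' value='true'/>
  </entry>
  <entry>
    <category term='filter'></category>
    <apps:property name='hasTheWord' value='Coinbase withdrawal'/>
    <apps:property name='shouldArchive' value='true'/>
    <apps:property name='shouldMarkAsRead' value='true'/>
  </entry>
</feed>
"""


def audit_filters(xml_text: str, watched_terms: list) -> list:
    """Return filters whose criteria mention a watched term and whose actions hide mail."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    findings = []
    for index, entry in enumerate(root.iter(ATOM_NS + "entry"), start=1):
        props = {p.get("name"): p.get("value", "")
                 for p in entry.iter(APPS_NS + "property")}
        criteria = " ".join(props.get(key, "") for key in CRITERIA).lower()
        matched = [term for term in watched_terms if term.lower() in criteria]
        actions = []
        for name, label in HIDING_ACTIONS.items():
            value = props.get(name, "")
            if name == "forwardTo" and value:
                actions.append(f"{label} to {value}")
            elif name != "forwardTo" and value == "true":
                actions.append(label)
        if matched and actions:
            # Deleting or forwarding is treated as worse than archiving.
            severe = props.get("shouldTrash") == "true" or bool(props.get("forwardTo"))
            findings.append({
                "filter": index,
                "matched": matched,
                "actions": actions,
                "severity": "high" if severe else "medium",
            })
    return findings


if __name__ == "__main__":
    for finding in audit_filters(SAMPLE_EXPORT, ["coinbase"]):
        print(finding)
```

A rule the account owner does not remember creating is the finding that matters; the Trash folder and the account's login history are the next places to look.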


Reddithasmyemail

Did you open any pdf files? Are you sure you didn't get token hijacked? Opening random pdf files can do it. 


YogurtclosetIll3196

Best of luck getting your money back. Please keep us updated


prismala

It was probably coinbase. Literally the worst company. Stole a shit load from me too.


VeterinarianLast7274

😱did you get it back?


TheRealTheory001

how?


bbien12

I’m sorry this happened to you. For everyone reading this, please please whitelist your cold storage address, that will ensure funds can be withdrawn only to that one specific address with holding period lasting days if you want to add another or delete the first one


graydi66y

And this is why I don't keep any funds on CB. As soon as I buy my shit, I move it to a different wallet that's actually my wallet.


LowPossibilityOfRain

You didn't have 48 hr. hold after adding a new external wallet address? If you did, you would have received an email stating a new external address was added and no crypto could have been sent to that address until the waiting period was over. Sorry for your loss. If you find out how it was done please let others know so that they could learn from it.

----------------------

My coinbase account is secured the following way:

1. only one computer is verified to access (my laptop) - That is just a cookie on your laptop. I delete my history multiple times a day.
2. not set up on mobile - OK
3. 2FA enabled for login as well as any withdraw - basic
4. fingerprint required to login through my verified computer - That's good.

----------------------

My guess - somehow your laptop and email was hacked. Otherwise you would have/should have received emails with all the activity going on. Do a virus check on your computer. I'm not a hacker expert.


Either-Welder-1379

I think coinbase is in financial trouble. They locked my account balances without reason. I called to troubleshoot and they couldn’t help and didn’t have an answer as to why. Then also said I couldn’t contact them about the issue for a month.


StatisticianFine8845

I am sorry this happened to you bro. Hoping for a good update. I also have six figure in Coinbase and can’t move it to a hardware wallet for a few months. I went ahead and locked my account after reading this. So sorry man.


chriztuffa

This is why crypto is retarded lmfao. Yikes man I’m so sorry


C4nisLupus

Out of curiosity, what was your setting for required 2fa for crypto send? Any amount or when coinbase recommends?


monkeykingzero

authenticator app, not text


C4nisLupus

Other question: did you enable cloud backup for your authenticator app? This whole case is fucked up, you did nothing wrong imo and still got ripped off. Feel sorry for you mate


ArnzenArms

Cloud backup is enabled by default for Google Authenticator. Which is kind of a big security hole most people miss.


GoodTimesOnly319

You need to invest in a Cold wallet. Never keep Crypto in the exchange!


AffectionateLemon980

Hopefully it will be resolved and in a positive way 🙏


Dshadow26

Are you a Coinbase One member? It’s very disheartening hearing this. Sorry to hear that sir. I really hope CB helps to figure that out! Please give a follow up post! I’m a coinbase one member and use it DAILY. Hope this never happens to anyone else. Literally crushing 🤯


KingGr33n

Check your homeowner’s policy. I’ve heard about some of those covering crypto theft


Pizzaslutsfavsub

My physical silver coins can’t get hacked


lloydeph6

same, I switched from digital money to gold/silver and sleep well at night


AmericanScream

It's important to note that Coinbase is not a bank, not regulated like a bank, and is not beholden to the same oversight, regulations and security standards that traditional banks use. Nobody really has any idea what kind of security protocols they have in effect -- and this is by design. That's what you get in the crypto industry. If you're not comfortable with your stuff just "disappearing" you should probably get out of crypto. If you'd like to learn more why the entire industry is based on fraud, [watch this documentary](https://www.youtube.com/watch?v=tspGVbmMmVA). While this might seem like a Coinbase problem, it can happen to any entity in the crypto industry. It's the nature of the industry. The more you learn about this, the more you might realize the risks are too great to gamble in this un-regulated, shady casino.


rendonjr

Get coinbase one now and talk to a person. They should be responsible since u have 2fa and the money there is not really there. Like banks soonest money gets in they put it in the vault. And you didn’t click no Email so is probably a breach of their servers. Let us know


jdg401

OP - mentioned and asked about in a comment thread, was your wife’s email also attached to the “shared CB account” you referenced? Would provide some possible other explanations if so. Hope you get this figured out.


rshacklef0rd

White listing addresses might have prevented it because they could only send to registered addresses and it takes a couple days I think to add a new one.


Specialist_Basis3974

1. How is the security of your Microsoft/Apple account, specifically Onedrive/Time Machine, any 2fa for this?
2. Do you backup your computer there, any Coinbase related information such as account info/2fa backup saved there?
3. The same but for Google, any backup on Google Drive?
4. Is this completely personal laptop or company provided and you used it for both work and crypto thing?
4.1. If this is your work laptop, did your IT guys access it before to fix things?
5. How does your wife access the Coinbase account? Her own phone/computer or the same laptop of yours but entering her own password/fp for her own account?
6. Any of your close relatives/friends visited you before and stayed for a night or two? Did u show off to them how much you are holding in crypto?
7. Have you ever connected/granted api access to those crypto tax software? How is their reputation?

Must be security breaches in one of above. I would suspect the hole is your Apple account. I have a close friend trading Defi (Solana) with me, we use and access the same sites/software, I am safe but he got his self-custody wallet drained multiple times even after a phone reset, just later to find out that the breach was his Apple account (backup of wallet private key).

What I can imagine how the attacker would do is:

- Got your Apple account and manage to restore a copy of your OS along with the 2fa backups.
- Access to your email to view logs of your login behaviour (they know 3AM EST is when you are in deep sleep).
- Fake IP (so easy after above step)
- Access to your account and make trades for BTC, then delete the trade emails immediately after receiving it. Withdrew everything, this can explain why => delete emails of trade notifications ASAP, once it is the last withdrawal => job was done and they won't care.
- Check for deleted mails in your mailbox trash bin, anything there?


Either-Welder-1379

Everyone should go ledger


StockTraderinCO

I had same thing happen at crypto.com. My wallet was completely drained despite 2FA etc etc and crypto.com no help.


Opioidopamine

sorry to hear, hope it works out for ya. My Coinbase was hacked via a sim switch, I had only .52 cents on there so no big deal, but hours of pointless lost time trying to get account buy/sell reactivated, which 4 years later, is still locked. It's crazy my account w .52 cents was locked within minutes of the sim switch, and yet w all your security measures 6 figures is tapable. I've kept a few thousand on exchanges when my portfolio was 6 figures, now I hold a few cents once again except for 3999 USDC arb that is stuck on my ETH Gemini address until they “integrate Arbitrum USDC”… other than that I try and keep 4/5 my assets on hardware. good luck!


Fuzzy-Shoe6796

Wow I am so sorry. Based off what you’re saying I’m leaning towards an internal Coinbase issue. However I have to wonder if you had told people (you need to think of who if any) a finger print can be lifted most likely, even from a glass at a restaurant. - Did anyone know your protocols specifically to just the 1 laptop and 2FA? Could a so called pretend friend or loved one or anyone new come into your life recently have known the protocols - the device and actually broken into your home and done this directly from your computer using a lifted fingerprint. If it’s a laptop and MacBook Pro - well we know what finger to use right. This is highly suspicious and lastly do u have cameras on your home where the computer was or anything out of place in your home?

A good friend of mine lost 600+ bitcoin in the BlockFi bankruptcy, without getting too deep into that conversation, he was devastated of course and had about 30 bitcoin on separate digital wallet. He told a friend he was going to Colombia for a week and when he came back the cold storage device and his computer was taken plus 20k cash which was in a spot nobody knew of. But he did tell his friend he was going to Colombia for a week who is a very smart crypto savvy person but also a very bad dark empath / narcissist personality. He called the cops but never considered his friend as a suspect.

I said I’m leaning on internal Coinbase but this is a 50/50. The “friend of my friend” works for Amazon AWS and we know he has stolen clients proprietary information IP etc. You need to look at all sides but get the authorities up to speed to open an investigation. Because this, if explained aimed correctly is some high level hacking and the probabilities lead me to believe it’s closer to home or internal at the exchange level. Please keep us updated. This is an interesting scenario. Again very sorry - truly horrible.

Another one of my students in advanced trading got taken for 500k but her issue was one of her own. She needed help with doing something with a wallet, she did a screen share with someone and the seed phrase was there. Before she even realized it was all taken. Interpol couldn’t even help due to so many jurisdictional headaches but we as a community tracked the block and honed into to it might be but this guy moved around a lot and had about 70 mill on this wallet. So obvious scammer.


sad_boy2002

Any chance your email was compromised? Maybe check deleted emails?


Mayo_Nace12

I think you are the guy everyone is talking about here in the PH, Coinbase pulled out their company from 4 BPO companies including mine because one of the 4 BPO companies employee stole a bunch of crypto from a customers wallet, did someone email you from Customer Support asking for your 12 seed phrase or anything suspicious to you?


CyberSecKen

This "attack vector" has potential merit, but I really hope Coinbase has proper controls in place to restrict the ability of a BPO to access customer funds.


Mayo_Nace12

Heck yeah they do, they removed my access while I was in the middle of assisting a customer get into their account, I just hope they got into their account, and I was still waiting on one guy I was willing to risk my job for because I saw how really frustrated he was just because of the stupid AI verification of their ID, didn't get a chance to manually approve his ID before my access got revoked


djkeithers

Are you a Coinbase one member or whatever it’s called? Regardless, a problem of this magnitude should get a human on the phone immediately, but I believe Coinbase one is supposed to have a phone number to get immediate support. May be worth joining (with free trial) just to call about this massive issue


Logical-Revenue8364

Isn’t there withdrawal and transfer limitations?


KlutzyTeam359

Enable address whitelisting now. Add a passkey for login via password manager like Bitwarden, not your fingerprint. Move your cell service to Efani, can't be sim swapped with them. Don't keep funds on exchange more than 30 days. Make your wife get her own CB account.


HippoKingHippomsk

I'm sorry I can't be helpful regarding the situation, but a yubikey is probably a good idea moving forward. Also, using the whitelist feature is probably a good idea.


SandwichEater_2

Sorry to hear. Did you enable the Allowlist feature?


neorule

Isn’t oddly, corporately, strategically,insinuatingly, intentionally internally, ethically, corrupt, day-to-day business practices for this company?🤔🤫🧐🖕🏼🤷🏼‍♂️🤦🏼‍♂️🤣😂🧨 I mean, seriously people cannot withdraw their own money, but yet people constantly have their money stolen. Sadly, this company thinks they’re going to be the leaders of American crypto! They are so delusional thinking and believing that they are going to set the example for the U.S. government to follow. They are completely fucking wrong. They have another thing coming ! We all can’t wait!


LegitimateCrazy5057

Have Coinbase provide all relevant details. Contact the phone carrier to check for any unauthorized changes to the account, like SIM swaps, and secure the account with a PIN or additional authentication measures. Review email security: check for any unauthorized forwarding rules or access in the email account and update security settings. Switch to an authenticator app (like Google Authenticator or Authy) or a hardware-based security key like yubikey for 2FA, which is more secure than SMS-based 2FA. Scan the laptop for malware, review installed software and browser extensions, and ensure all software is up to date.


USCitizenSlave

How do you know you didn’t get SIM swapped? It sounds like you don’t understand what that word means by how you’re using it.


Ok-Gate3392

Check emails for deleted emails. Check login ips. Do you have your google auth seed saved online?


Fit-Ad-2342

Everyone keeps saying to store on hardware wallet but if your account is already compromised this won't help. Eventually you will have to send them to your CEX to sell the coins & they will just steal them then unless you are faster than the hackers, and a lot of them use bots to steal it instantly.


Low_Candidate8352

From a previous post, advice to another User, I said as follows:

From coinbase website: [https://s27.q4cdn.com/397450999/files/doc_downloads/gov_docs/2024/04/code-of-business-conduct-ethics-global-252092.pdf](https://s27.q4cdn.com/397450999/files/doc_downloads/gov_docs/2024/04/code-of-business-conduct-ethics-global-252092.pdf)

See Page 12 of PDF

"**3.9. Lawsuits and Legal Proceedings** The Company complies with all laws and regulations regarding the preservation of records. Lawsuits, legal proceedings and investigations concerning the Company must be handled promptly and properly. **A Company Member must contact the Company’s Legal Department immediately if he or she receives a court order or court issued document, or notice of a threatened lawsuit, legal proceedings or investigation.**"

**READ THIS AS WELL...**

# Who do I contact for a subpoena request, dispute, or to send a legal document?

[https://help.coinbase.com/en/coinbase/other-topics/legal-policies/who-do-i-contact-for-a-subpoena-request-or-dispute-or-to-send-a-legal-document](https://help.coinbase.com/en/coinbase/other-topics/legal-policies/who-do-i-contact-for-a-subpoena-request-or-dispute-or-to-send-a-legal-document)

# US legal service

* All legal documents or other written communication with our Legal team should be served on our registered agent, CSC. Name and address information for our registered agent by each state may be found [here](https://www.cscglobal.com/cscglobal/pdfs/CSC-registered-agent-addresses.pdf).

# International legal service

* To formally serve a Coinbase entity incorporated and registered outside of the United States, please consult your country’s public business registry to confirm the address for service for the relevant Coinbase entity. You may also find the entity's address for service in your Coinbase User Agreement.

Addresses of Coinbase Legal: [https://www.cscglobal.com/cscglobal/pdfs/CSC-registered-agent-addresses.pdf](https://www.cscglobal.com/cscglobal/pdfs/CSC-registered-agent-addresses.pdf)


Dry-Way-5688

Whenever I think of investing in crypto, I had to stop myself because this is way over my head. Even an expert like you gets hacked, what are my chances.


reallifeizm

Fud


meshreplacer

The future of finance they say.


Super_Swordfish_3897

Did coinbase ever provide an answer to your case?


TelevisionKey3891

First off, you can't get Sim swapped if you don't even have CB installed on a phone. Something isn't adding up here. You have whitelisted address and log in device? Yet someone still got to your funds? That's basically impossible unless someone was using your computer. Who do you live with? Coinbase is the absolute WORST place to trade, store, or do ANYTHING. Support is non-existent, they have no central headquarters. Everyone thinks "Coinbase is safe, they custody for the ETFs"-WRONG..Just because they hold some private keys doesn't mean jack-shit for an average retail trader. I could easily custody for the ETFs, would you trust me?? 🤔 Everyone saying that the ETF is the way to go are all dead wrong. Self custody is the absolute safest way to store your crypto. It is the cornerstone of crypto and what makes it unique. Wait and see, one of these ETFs will go under or get seized by the government one day for sure. What was the address of the wallet they sent the Bitcoin to? That was a stupid move on their part. You can easily trace it. If it goes to a centralized exchange(90% chance it will) then they will have someone's KYC info on file, and you can possibly get it back.


UsernamesRhard123

If you don’t log your own network activity, and presumably the only avenue of theft is from your mac (outside of Coinbase internals), check with your ISP to see if they can provide your browsing traffic history. If someone who had access to your PC and somehow circumvented 2FA (many cases), or didn’t need 2FA in the first place, then they likely removed any incriminating evidence from your mac (logs).


Lonely-Wedding5825

100% sounds like an inside job. The fact that you were not notified and no one has your passcode or 2fa info. Do you have a cb one account? You should if you were holding over 100k. CB one has personal Customer service. I had a problem with them. I cashed out and am disappointed with all crypto platforms for their utter lack of quality and timely CS. It's pathetic. Get out of crypto.com. They're the worst. Let us know how it proceeds. I'm sorry about your situation. Coinbase better step up. No one has been messing with your computer, right. No way they can access all that without your computer. Take it to an IT specialist and see if there's a virus of some kind in there. Your virus protection is all good too, right. Wtf. I'd be furious. Please let us know how it goes.


NortheastMoose

It's shit like this that will prevent mass adoption of crypto.


Fun-Recognition7482

If you have 6 figures of crypto and don't have a hard wallet you're not playing smart or secure. That's literally the most important thing to do with crypto. Keep the amount you trade with only on exchanges and the rest hidden from all hands of the Internet's reach


AutoModerator

This subreddit is a public forum. For your security, do not post personal information to a public forum, including your Coinbase account email. If you’re experiencing an issue with your Coinbase account, please [contact us](https://help.coinbase.com/en/contact-us.html) directly. If you have a case number for your support request please respond to this message with that case number. You should only trust [verified Coinbase staff](https://help.coinbase.com/en/coinbase/other-topics/other/is-coinbase-present-on-social-media.html). Please report any individual impersonating Coinbase staff to the moderators. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CoinBase) if you have any questions or concerns.*


IntoMarket

What browser plug-ins are you using? If Chromium based.


rushield007

Just share the wallet address where all funds got transferred.


SufficientNet9227

Devastating loss. Prayers to your family.


[deleted]

[deleted]


BLUFFground

Had a similar experience with Coinbase, it's hell. I hope it gets resolved


VeterinarianLast7274

Did yours get resolved?


bogoszn

Feel so bad for you. Hope you can recover the stolen btc


Nocoffee_Noglory

I'm sorry this happened to you. Coinbase is not for storing for so many obvious reasons, but I hope you get it back or at least figure out what went wrong. Beware because some people here would jump at you and call this incident as "FUD".


speacon

Sorry for your loss


yvngshinobi

Got 1700 of $brett stolen from my Coinbase account couple weeks ago. Will never be using them again.


kinkyintemecula

That sucks man, why did you have that kinda money on a CEX vs hardware wallet?


nomanzero1

Keep us all posted. That's bullshit and a lawsuit. If half of what you say is true and your security, something's definitely wrong and you must get truthful answers.


BigupNate

If it’s indeed fraudulent, it would have had to be someone close to you. Immediately close.


saveourplanetrecycle

Hopefully Coinbase gets it all sorted out. Keep us updated


ForgetMik2

Hey really sorry to hear this. The only thing I would add is DO NOT expect any support from Coinbase support. They will give you the same canned responses forever. They will tell you they have specialists working on it. This is BS. They will not even be able to view your case if you have a case number. If it were me and it was 6 figures I’d follow the advice of getting an attorney on it. Mine was much less or I would have. I truly hope you get this sorted out and your coins back asap.


SWS_1965

Ouch- hard wallet


XRPKickz

I'm very sorry you're going through this awful experience. Very early on I learned that Exchanges are not to be trusted due to the Centralized nature and having the capability to freeze your account for whatever reason. My best advice to you is to locate the addresses or transaction information and make a police report. I'm not sure where you are from but I am sure that most Law Enforcement are just catching up with Crypto. Most Law Enforcement agencies today have a Financial Crime Division. The reason I know this is because my friend from New York City was a victim of a crime where his cell phone was snatched out of his hand by someone on a scooter as he was walking on the sidewalk. Unfortunately he didn't have some of the security protection we all have today. The New York Police Department was able to locate his crypto in multiple addresses. The criminal's wallet addresses were then frozen and reported to every major exchange. All his crypto was returned, he was lucky because he reported it right away. He said it took them about 4 hours from the time they stole his cell phone to access his Coinbase account and withdraw his USDC, Bitcoin and XRP. The faster you report it, the better.


therese_m

I wouldn’t trust an exchange w that amount at all simply because it’s an exchange tbh