How fraudsters stole $37 million from Coinbase Pro users

2024-05-29 10:40

A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users.

Around June 2021, Tomar and his co-conspirators set up a spoofed Coinbase Pro website at CoinbasePro.

"Once victims entered their login credentials into the fake website, an authentication process was triggered. In some instances, victims were tricked into providing their login and authentication information of the real Coinbase website to fraudsters. Other times, victims were tricked into allowing fake Coinbase representatives into executing remote desktop software, which enabled fraudsters to gain control of victims' computers and access their legitimate Coinbase accounts," says the US Deparment of Justice.

In some cases, the fraudsters impersonated Coinbase customer service representatives and tricked the users into providing their two-factor authentication codes over the phone.

Tomar was arrested at the Atlanta airport on December 20, 2023, so the scheme went on for two and a half years - or possibly a bit less, as Coinbase Pro was sunsetted in late 2023.

"After Tomar received the stolen cryptocurrency, he would quickly convert it to other forms of cryptocurrency or move the funds amongst many wallets controlled by Tomar and others. Ultimately, the cryptocurrency was converted into cash which was then distributed to Tomar and his co-conspirators," they added.

News URL

https://www.helpnetsecurity.com/2024/05/29/coinbase-phishing-social-engineering/