Hacker Exploits Coinbase Commerce to Steal $15.9 Million
A hacker has stolen $15.9 million from a Coinbase Commerce vendor, exploiting the platform's Anti-Money Laundering (AML) system. The theft, uncovered by crypto investigator ZachXBT, involved over 1,700 suspicious USDC transactions and laundering through Polygon and Ethereum. The criminal, using the alias "Excite," has displayed luxury purchases online, with metadata indicating a possible location in Denmark.
The attack began on April 21, with stolen funds split across three wallets, most remaining inactive. ZachXBT noted that the culprit partially revealed his face in social media photos, potentially aiding identification. Questions arise about how Coinbase’s AML system failed to detect these activities within a 16-hour window. This failure raises concerns, especially given Coinbase’s history of compliance issues, including a $50 million fine for violations last year.
Commenters on ZachXBT's posts criticized Coinbase for strict measures against legitimate users while missing significant criminal activities. This incident follows other challenges for the platform, such as scams impersonating Coinbase Support and the removal of Bitcoin payments due to operational issues.
ZachXBT suggested that others may be involved in the theft based on how the funds were divided and emphasized the need to determine how the hacker bypassed Coinbase’s security measures. The failure to flag this activity adds to the platform’s list of vulnerabilities.
The victim has not come forward, complicating efforts to gather details about the breach. The investigation continues, and further updates may clarify the case and the hacker's identity.