On May 8, 2025, Hackers Steal $45M from Coinbase users in a sophisticated phishing campaign, marking one of the largest crypto thefts of the year. Over 2,000 accounts were compromised as attackers exploited stolen credentials to drain funds, including 12,000 ETH and 550 BTC, totaling $45 million. This incident, reported across crypto communities, underscores vulnerabilities in user security practices. This article examines how cyberthieves loot millions, Coinbase’s response, and steps to prevent future attacks.
How Hackers Steal $45M in Crypto
Hackers Steal $45M through a phishing scheme targeting Coinbase users. Attackers posed as customer support, using fake emails, texts, and calls to trick users into revealing login details or private keys. Once accessed, accounts were drained, with funds moved to untraceable wallets. Industry discussions note that stolen credentials were likely obtained from prior data breaches, not a Coinbase system flaw. The attack, spanning a week, affected users globally, with significant losses in ETH and BTC.
Online sentiment highlights the scale, with posts noting a 550 BTC transfer worth $53 million from a Coinbase wallet, though it’s unclear if this ties directly to the theft. The attackers drain $45 million, exploiting weak user security habits, such as reusing passwords across platforms.
The list of 10 wallet addresses believed to be behind the thefts includes:
- bc1qksulmw0scf9en4w22hzh3hvarnrfflyh52mydz
- bc1qjpepgf7nfkm3mlumdru8lgjmsca8cc982f08xd
- bc1qfmc6pkq3u63dzt6w28yxd28fhluqdzcyjfngy2
- bc1q7x2fexw0fcufym04ug7kdk2r6pzfeg00g6xfjk
- bc1qv9p9gcng7u9k8qxcqee5fhxnm8y6zwd4lal3lv
- bc1qm6u4d4a0d6dnlwr22ywwlgzayvtgx6h45v4dln
- bc1qel8as46edjk4h750kem4z280l09294ewj458qk
- bc1qw3ggh8vdjtry04w790pz2w0synz3ewtpfc9rdj
- 0xaDEFbB6082F98BE8f0f7F0323af19eCD216f13B9
- 0x75B09e181a8bCfC4e05DB22B673d92bc55Fee150
Tactics Behind the Phishing Campaign
The cyberthieves loot millions by leveraging advanced phishing tactics. Hackers sent emails mimicking Coinbase’s branding, directing users to fake login pages to capture credentials. Some received texts claiming account issues, prompting calls to fraudulent support lines. Industry discussions reveal these tactics mirror past attacks, like a 2021 Coinbase breach affecting 6,000 users via a 2FA flaw. Unlike that incident, this attack relied on external data leaks, not platform vulnerabilities.
Attackers also used social engineering, convincing users to share private keys or approve transactions. The attackers drain $45 million, highlighting the need for better user education on phishing risks.
Coinbase’s Response to the Theft
Coinbase acted swiftly after detecting the breach. The platform froze affected accounts, notified users, and launched an investigation with law enforcement. Coinbase committed to reimbursing losses, leveraging its $5 billion market cap to cover damages, similar to its 2021 response. Online sentiment praises Coinbase’s transparency but questions its ability to prevent recurring attacks. The company also strengthened security measures, urging users to enable 2FA and update passwords.
Industry discussions note Coinbase’s proactive stance, including partnerships with cybersecurity firms to trace stolen funds. Despite these efforts, the cyberthieves loot millions, raising concerns about platform accountability.
Impact on Users and the Crypto Market
The Hackers Steal $45M incident impacted over 2,000 users, with some losing entire crypto portfolios. Community feedback reflects frustration, as victims face financial and emotional distress. The theft, part of a broader $150 million loss from Coinbase users in a year, fuels skepticism about crypto safety. ETH and BTC prices remained stable, but the attack dented Coinbase’s reputation, despite its 2024 revenue of $6.1 billion.
Attackers drain $45 million, prompting calls for stricter regulations. Industry discussions suggest the incident may push Coinbase to enhance user protections, aligning with Trump-era pro-crypto policies.
Preventing Future Crypto Thefts
To avoid future losses, Coinbase recommends enabling 2FA, using unique passwords, and storing private keys offline. Users should verify emails and avoid clicking suspicious links. Community feedback emphasizes hardware wallets for added security. Coinbase’s ongoing cybersecurity upgrades aim to detect phishing attempts early, but user vigilance remains critical.
Learn more: How Beginners Can Avoid Crypto Phishing Scams
Industry discussions highlight the need for crypto exchanges to invest in AI-driven fraud detection. As cyberthieves loot millions, education campaigns could reduce phishing risks, protecting the $3.2 trillion crypto market.
Looking Ahead After Hackers Steal $45M
The Hackers Steal $45M attack underscores the evolving threat of phishing in crypto. Coinbase users should prioritize security practices, while the platform strengthens its defenses. Investors may monitor Coinbase’s stock, up 16% in 2025, for recovery signs. As crypto adoption grows, preventing attackers from draining millions will shape trust in platforms like Coinbase.
