Coinbase revealed on Tuesday that a sophisticated spoofing operation had stolen over $20 million in crypto by impersonating the company’s brand.
However, with the help of US law enforcement, the group was dismantled using blockchain forensics.
Coinbase Helps Takedown $20 Million Crypto Spoofing Scheme
The takedown, led by the US Secret Service with assistance from Coinbase’s internal security and legal teams, resulted in Chirag Tomar’s arrest and conviction.
Reportedly, Tomar ran a global scam that exploited unsuspecting users through fake Coinbase websites. The official Coinbase Support account confirmed this development in a post on X (Twitter),
“Fake ‘Coinbase’ sites stole $20 million in crypto. We traced the funds and helped the Secret Service arrest the ringleader. Blockchain transparency stops spoofers,” Coinbase Support stated.
According to Coinbase’s Chief Legal Officer, Paul Grewal, Tomar and his co-conspirators operated phishing domains such as CoinbasePro.com. They convinced users to hand over login credentials and two-factor authentication (2FA) codes.
In some cases, the fraudsters posed as Coinbase customer service, leveraging remote access tools to infiltrate real accounts. With this tactic, they siphoned off crypto balances in minutes, with one victim reportedly losing over $240,000 in a single attack.
Grewal described the operation as one of the most impactful takedowns Coinbase has supported, lauding blockchain forensics.
“Unlike cash, which remains the #1 tool for illicit finance worldwide, crypto leaves a permanent, traceable trail,” Grewal wrote in the company blog.
Coinbase’s involvement included tracing stolen funds using blockchain analytics, identifying victims, and preserving forensic evidence.
The US-based exchange emphasized its ongoing investment in real-time fraud detection and partnerships with federal agencies such as the Secret Service and the FBI.
Legal Setbacks and Data Breaches Undermine Coinbase’s Momentum
However, the arrest news comes at a turbulent time for Coinbase itself. The company was hit with a class-action lawsuit from investors just a day earlier.
As BeInCrypto reported, the matter concerned a recent stock decline tied to a high-profile data breach and a $4.5 million fine from the UK’s Financial Conduct Authority (FCA).
The lawsuit alleges Coinbase failed to disclose material risks from a user data leak that compromised sensitive customer information. That breach, which triggered public backlash two weeks ago, was reportedly the result of an insider leak.
Coinbase later confirmed it had refused the perpetrators’ $20 million ransom demand. Instead, it cooperated with law enforcement rather than negotiate with cybercriminals.
The juxtaposition of Coinbase’s proactive role in taking down a spoofing scheme with its recent security controversies highlights the exchange’s dual pressures. On the one hand, it defends its platform. On the other hand, it pushes to uphold user trust amid rising scrutiny.
For Coinbase, the Tomar arrest offers a much-needed win on the consumer protection front. However, it arrives amid internal breaches and mounting legal challenges.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
