Human-Targeted Fraud

ZachXBT alleges on social media and Telegram that the scammer, known by the alias Haby (Havard), carried out operations starting in late 2024. Haby reportedly stole 21,000 XRP (approximately $44,000) and an additional $560,000 through Bitcoin wallets.

Leaked group chats reveal that by February 2025, Haby was boasting a wallet balance of $237,000. Videos show the scammer actively conducting social engineering calls and sharing contact information, with his flashy lifestyle compromising operational security.

ZachXBT has called on Canadian authorities to intervene. Haby’s lack of remorse toward victims and the abundance of evidence make the case relatively straightforward, though Canadian law enforcement rarely prosecutes such cyber crimes.

1/ Meet Haby (Havard), a Canadian threat actor who has stolen $2M+ via Coinbase support impersonation social engineering scams in the past year blowing the funds on rare social media usernames, bottle service, & gambling. pic.twitter.com/bBqrV7GmPi

— ZachXBT (@zachxbt) December 29, 2025

Tracking Stolen Crypto

On December 30, 2024, Haby shared a screenshot showing 44,000 USD worth of XRP stolen from a Coinbase user. The funds were sent to the XRP address rN7ddvk4DrGHZUrBfNARJEEAbPkky9Mwcz. A few days later, Haby posted another screenshot from his Exodus wallet, exposing his Telegram and Instagram accounts. ZachXBT matched past balances to identify a second XRP address.

This new address was linked to approximately $500,000 in two additional Coinbase support frauds. Investigations revealed Haby converted the stolen XRP to Bitcoin via instant transactions. Time analysis helped ZachXBT identify Haby’s Bitcoin address. The traced chain revealed multiple addresses were used, and further investigation uncovered three more Coinbase support scams, generating over $560,000 for the scammer.

Human Psychology in Web3

The case illustrates a growing security crisis in the crypto ecosystem. Scammers now target human psychology as much as technical vulnerabilities. North Korean actors attempting over $300 million in fake meetings and Ponzi schemes in India confirm this trend.

Crypto users must remain vigilant beyond technical security measures, as trust and haste remain the scammers’ most potent tools.

Social engineering losses in 2025 mark new breaking points for Web3 security, emphasizing that user caution is unavoidable.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Crypto Detective ZachXBT Exposes $2M Coinbase Scam appeared first on Coin Engineer.

Major Crypto Hack and Losses in August 2025 

Hackers struck a Bitcoin holder, stealing approximately $91.4 million. BtcTurk lost between $48–54 million from its hot wallets. ODIN•FUN suffered $7 million, BetterBank.io lost $5 million, and CrediXFinance experienced $4.5 million in losses. These figures highlight risks from weak private key management, smart contract vulnerabilities, and operational weaknesses in exchanges. 

Organized hacking groups remained active in August. Reports indicate alleged North Korean hackers stole around $1.6 billion in crypto during the first half of 2025, accounting for roughly 70% of global losses. Moreover, social engineering attacks allowed hackers to infiltrate internal systems. By applying for IT jobs with fake identities, they accessed corporate systems and software supply chains. 

RWA Projects and Rising Security Risks 

Real World Asset (RWA) tokenization projects also faced increasing attacks. Certik reports indicate $14.6 million in losses during the first half of 2025. RWA projects combine on-chain infrastructure with off-chain assets, creating multiple weak points for exploitation. This combination of technical and human-based risks provides attackers significant opportunities. 

Rising attacks emphasize the need for stronger security measures. Audits, red team tests, and insurance coverage have become critical. Additionally, strict internal controls are essential to prevent insider threats. By improving these measures, exchanges and investors can better defend against evolving attack patterns. 

August 2025 demonstrated the crucial importance of a robust security culture in the crypto ecosystem. Both individual investors and institutions must strengthen their systems. Every segment of the chain remains exposed to potential losses, and this trend is likely to continue in the coming months. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post August 2025 Top Crypto Hack List! appeared first on Coin Engineer.

First seen in Turkey in March 2025, Crocodilus is now active in countries like Poland, Spain, Brazil, Argentina, India, Indonesia, and the U.S., signaling a global expansion that concerns both banks and crypto holders alike.

Fake Apps, Real Intrusions

In Poland, attackers used Facebook ads to lure users with bogus loyalty app promotions. These ads—targeted at users over 35—redirected victims to malware-hosting sites. Once installed, the Trojan bypassed Android 13 restrictions and deployed its attack mechanisms.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

In Spain, Crocodilus disguised itself as a browser update. Once on a device, it overlays fake login pages on top of real banking and crypto apps, harvesting sensitive credentials. It even inserts fake “Bank Support” contacts into user phonebooks to aid social engineering efforts.

Crypto Wallets Under Direct Attack

The most alarming upgrade is Crocodilus’ new ability to automatically extract seed phrases and private keys from infected devices. Equipped with advanced parsing modules, the malware can quickly hijack wallet access with remarkable precision.

To avoid detection, the latest variant uses deep obfuscation techniques like XOR encryption and intentionally complex logic, making reverse engineering a challenge for security teams.

Smaller campaigns have also been seen targeting crypto mining apps and digital banks in Europe—highlighting the malware’s growing focus on crypto users.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Crocodilus Malware Expands to Crypto Wallets appeared first on Coin Engineer.

Support Agents Allegedly Bribed, Millions Affected

In a lawsuit filed on May 16 in a New York federal court, plaintiff Paul Bender alleged that Coinbase failed to protect user data during a serious breach. The incident, which began on May 11, involved cybercriminals bribing support agents to gain access to internal systems.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The stolen data included names, addresses, phone numbers, emails, the last four digits of Social Security numbers, bank details, driver’s licenses, passports, and account data like balances and transaction history. The attackers reportedly demanded a $20 million ransom, which Coinbase refused to pay.

At Least Six Lawsuits Allege Negligence, Delayed Response

Between May 15 and 16, at least six lawsuits were filed against Coinbase. Plaintiffs allege the exchange failed to maintain proper security measures, delayed informing users, and offered no meaningful steps to mitigate harm.

One California-based lawsuit demands Coinbase delete all sensitive data and hire independent auditors to evaluate its systems. Another suit added a claim of unjust enrichment, arguing that Coinbase underinvested in data security to boost profits.

In a filing with the U.S. Securities and Exchange Commission (SEC), Coinbase estimated potential reimbursement costs to range between $180 million and $400 million. The company has pledged to compensate users who were tricked into sending crypto due to phishing scams linked to the data breach.

Following the news, Coinbase (COIN) shares initially dropped 7% to $244, but recovered with a 9% gain, closing at $266 on May 16.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Faces Legal Firestorm After Massive Customer Data Breach appeared first on Coin Engineer.

Seed Phrase Trap: Social Engineering at Its Worst

Ed Suman, a 67-year-old former fabricator for top artists like Jeff Koons, spent decades in the art world before shifting his focus to cryptocurrency investing. Over time, he amassed 17.5 Bitcoin (BTC) and 225 Ethereum (ETH) — the core of his retirement portfolio — stored safely in a Trezor Model One hardware wallet.

But in March, he received a text message that appeared to be from Coinbase, alerting him to suspicious account activity. He replied, and shortly afterward, a man calling himself “Brett Miller from Coinbase security” called him.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The caller seemed legitimate, even referencing Suman’s use of a hardware wallet. Over the phone, he walked Suman through a supposed “security procedure,” which required him to enter his seed phrase into a site that perfectly mimicked Coinbase’s interface.

A second scam call came nine days later. After following the same process again, all of Suman’s crypto was gone.

Real Data Breach at Coinbase Raises Alarms

Coincidentally or not, Coinbase recently disclosed a data breach where attackers bribed Indian customer support contractors to access private user data — including names, account balances, and transaction histories.

Roughly 1% of monthly users were affected, including Sequoia Capital’s managing partner Roelof Botha. While no funds were confirmed stolen from him, the incident highlights growing concerns over third-party vulnerabilities.

Coinbase has since fired the compromised contractors and is planning to compensate affected users with a budget between $180 million and $400 million.

Hardware Wallets Are Not Foolproof

Suman’s tragic loss is a painful reminder: Seed phrases should never be entered into any website, regardless of how authentic it looks. The biggest threat in crypto isn’t always technology — it’s human manipulation.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Retired Artist Loses $2M in Crypto to Fake Coinbase Site appeared first on Coin Engineer.

Coinbase has promised compensation to all affected users. The company will also cover losses for users deceived by social engineering attacks during this process, aiming to maintain user trust. Additionally, Coinbase created a $20 million reward fund to incentivize information leading to the identification of the attackers. The crypto exchange has started implementing new security measures to prevent user harm. 

Coinbase Cyber Attack

In a clear stance shared on X , Coinbase CEO Brian Armstrong stated: 

“We will not pay ransom to extortionists. Instead, we offer a $20 million reward to those who provide information leading to the identification and prosecution of the perpetrators.” 

Following the attack, Coinbase increased its security measures. A new customer support center was established in the US, where identity verification and fraud awareness notifications became mandatory. Moreover, additional identity verification processes were added for high-value transactions. These steps aim to protect user accounts. The company also announced that it will provide regular updates to users in the coming days. 

The Method Behind the Attack 

The attackers attempted to infiltrate the system by bribing some customer representatives working abroad. Coinbase described this as an unusual and complex social engineering attack. However, the attackers did not gain access to sensitive systems. 

Coinbase estimates that less than 1% of users’ data was affected. Nevertheless, it warned customers to remain vigilant against potential fraud risks. This incident has once again highlighted the growing cyber threats in the crypto sector. Last year, India-based WazirX lost $230 million in a similar attack. Coinbase’s breach underscores the urgent need for data security and regulatory measures. 

Security at crypto exchanges has become not only a technological but also a strategic priority. Users should protect their accounts with two-factor authentication and strong passwords. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Hit by Cyber Attack: CEO Sends Message of No Ransom appeared first on Coin Engineer.

In several now-deleted posts, hackers falsely claimed that Kaito wallets had been compromised and warned users that their funds were no longer safe. However, the Kaito AI team quickly regained control of the accounts and reassured users that Kaito token wallets were unaffected by the breach.

KAITO Token Price Drops!

According to DeFi Warhol, the attackers opened short positions on KAITO tokens before spreading the false information. The goal was to trigger panic selling and cause a price crash, allowing the hackers to profit from their short positions.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The Kaito AI team addressed the incident with the following statement:

“Despite having high-standard security measures in place, we were still compromised. It seems to be similar to other recent X account hacks.”

Rising Cyber Threats in the Crypto Industry!

This incident adds to a growing list of social media hacks, social engineering scams, and cybersecurity concerns within the crypto space. In recent weeks, the Pump.fun and Jupiter DAO accounts were also compromised using similar tactics.

Additionally, Canada’s Alberta Securities Commission issued a warning about the CanCap scam, where malicious actors used fake news and fabricated endorsements from Canadian politicians to promote fraudulent crypto investments. The scammers exploited concerns over a potential trade war between Canada and the United States to lure investors.

Lazarus Group Strikes Again!

State-sponsored hacker group Lazarus has also launched a new scam. They pose as venture capitalists in Zoom meetings and claim to experience audio-visual issues. Victims are then redirected to malicious chatrooms where they are instructed to download a “patch.” This software is designed to steal private crypto keys and other sensitive data from the victim’s device.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Kaito AI and Founder Yu Hu’s X Accounts Hacked! appeared first on Coin Engineer.