A surge in phishing emails is hitting crypto users, with scammers posing as Coinbase and Gemini to steal funds.
These fraudulent messages instruct recipients to create self-custodial wallets using pre-generated recovery phrases—allowing attackers to seize control once assets are deposited.
Some victims have shared screenshots of emails allegedly from Coinbase, warning them of a class-action lawsuit and urging them to switch to a new wallet before an April 1 deadline. The email provides a real download link for Coinbase Wallet but tricks users into using a compromised recovery phrase. Gemini users have reported nearly identical scams, with emails falsely citing a court ruling as the reason for the wallet migration.
Both exchanges have denied any connection to these emails. Coinbase has reminded users it never provides recovery phrases, while Gemini has yet to issue a formal statement.
The phishing campaign follows the SEC’s recent decision to drop lawsuits against both platforms, a fact scammers are exploiting to make their messages seem legitimate. Meanwhile, blockchain security firm CertiK has warned that phishing remains the biggest cybersecurity threat in crypto, accounting for over $1 billion in losses across nearly 300 incidents last year.
Beyond email scams, hackers are also targeting crypto executives directly. Reports indicate that at least three company founders recently thwarted attempts by North Korean hackers posing as potential partners. The attackers invited them to Zoom meetings, then sent fake links disguised as audio fixes, which were actually malware-laden traps.
Former Celsius CEO Alex Mashinsky is asking for a significantly reduced prison sentence ahead of his May 8 sentencing, with his legal team pushing back hard against the U.S. Department of Justice’s call for a 20-year term.
The legal battle against the creators of Samourai Wallet has taken a sharp turn, as defense attorneys accuse federal prosecutors of suppressing a key legal interpretation from the Treasury Department that could dismantle the core of the government’s case.
A decades-long Bitcoin holder has reportedly lost over $300 million in a devastating crypto theft — one of the largest in recent memory.
In a cybersecurity twist that sounds more like espionage fiction than reality, Kraken recently intercepted an attempted infiltration by a North Korean hacker—disguised as a job seeker.