By Coinbase Security Team
As part of our mission to build a more fair, accessible, efficient, and transparent financial system enabled by crypto, we actively monitor for security threats not only to Coinbase but to the crypto ecosystem as a whole. As we have discussed in our previous blog posts on industry-wide crypto security threats and airdrop phishing campaigns, malicious activity against any crypto user or business is bad for the industry. That’s why it’s important to have a community mindset when we see security threats in the wild. As they say, rising tides lift all boats.
Recently, our security teams have uncovered ongoing mining pool scams targeting users of self-custody wallets. These scams have primarily leveraged malicious smart contracts on the Ethereum network. Based on blockchain research into known scammer wallets, Coinbase estimates these have resulted in the theft of over $50 million in crypto assets from a variety of non-custodial wallet applications. These scams target those using any decentralized wallet browser (e.g. Coinbase Wallet, Metamask, Trust, etc).
The scam typically follows this chain of events:
- Victims are contacted via social media and/or other messaging services by scammers claiming to offer an attractive crypto investment opportunity to stake USDT (Tether) in their wallet for a guaranteed return
- Victims are directed to visit a fraudulent website that can only be accessed via a crypto wallet browser or extension. These websites generally contain fake reviews, endorsements, live-feed payouts, and partner lists to add an appearance of…