As a part of our mission to build a safe and open financial system, we actively monitor for any security threats not only to Coinbase but to the crypto ecosystem as a whole. As we have discussed in our previous blog post on industry-wide crypto security threats, malicious threats against any crypto user or business are bad for the industry. With this community mindset, we do our best to inform and to defend our community from bad actors.
Over the past month, Coinbase Threat Intelligence, Special Investigations, and Global Intelligence teams have been tracking an ongoing phishing campaign on Ethereum, Polygon, Binance Smart Chain, and other EVM-compatible platforms which has unfortunately resulted in the theft of more than $15M in various crypto assets to date. The phishing campaign does not affect customers who custody funds on Coinbase.com. However, anyone who uses self-custody wallets (e.g. Coinbase Wallet, Metamask, etc.) may be at risk.
The campaign works by airdropping fictitious coins into victim wallets and enticing them to visit specially-crafted malicious websites. Below is an example of one such coin: