A Puerto Rico-based crypto investor has filed a lawsuit against Coinbase Global Inc., alleging the exchange is withholding approximately $55 million in stolen stablecoins that were traced to its platform after a 2024 phishing attack.
The lawsuit, filed in a San Francisco federal court, claims that while Coinbase successfully froze the stolen assets, it has refused to return them to the victim for over a year without a direct court order. The plaintiff, identified only as “D.B.”, argues the exchange is unjustly enriching itself by holding the funds. The case highlights the ongoing friction between centralized exchanges and victims of crypto theft, even when stolen assets are successfully located.
The legal battle stems from a hack on August 20, 2024, when the plaintiff lost over $55 million in DAI stablecoin after clicking a malicious link. According to the filing, the link mimicked the legitimate DeFi tool DefiSaver.com but ended in “.app,” which directed the user to a site controlled by the “Inferno Drainer” malware. The attackers immediately moved the funds through the crypto mixing service Tornado Cash before depositing them in a Coinbase account.
This case could establish a significant legal precedent for the responsibility of exchanges in handling verified stolen assets. A ruling against Coinbase may compel platforms to adopt more direct fund recovery processes, while a decision in its favor would reinforce the industry norm of requiring legal orders to mitigate liability, leaving victims in a prolonged state of limbo.
The Trail to Coinbase
Following the theft, the plaintiff hired on-chain investigation firms Zero Shadow and Five Stones, which successfully traced the laundered funds to a retail account on Coinbase. The lawsuit states that by early December 2024, Coinbase had confirmed the identification of the funds and frozen the account.
Despite providing sworn statements and evidence of ownership, the plaintiff claims Coinbase has not returned the cryptocurrency. The lawsuit includes five counts against the exchange, including unjust enrichment, with the plaintiff seeking the return of any profits Coinbase may have generated from the frozen assets.
The suit also levels seven counts, including fraud and racketeering, against the unknown hackers, identified as “John Doe.” It names one Ukrainian individual, Oleksiy Oleksandrovych Goreliikhin, as a party allegedly involved in the laundering of the stolen funds, adding an international dimension to the case. The incident serves as a stark reminder of the sophistication of phishing attacks targeting users of DeFi protocols on chains like Ethereum.