Cryptocurrency exchange Coinbase has been sued in a California federal court over frozen digital assets allegedly linked to a $55 million DAI phishing theft that occurred in August 2024. The complaint, filed Monday in San Francisco, claims that after the attacker laundered stolen funds through the crypto mixer Tornado Cash, a portion of the traceable assets was deposited into a Coinbase retail user account, where they remain frozen.
Lawsuit details and claims
The plaintiff, based in Puerto Rico, is asking the court to declare him the rightful owner of the frozen assets and to order Coinbase to return them. The lawsuit also names an unknown John Doe defendant accused of carrying out the theft. According to the filing, Coinbase has acknowledged holding the traced funds but indicated that a court order adjudicating ownership is required before it will release the assets.
Also read: Ethics standoff threatens Senate progress on CLARITY Act crypto bill ahead of Thursday markup
The case highlights a growing problem in crypto theft recovery: exchanges may freeze suspected stolen funds after receiving alerts, but often require a formal court order before returning assets to a claimant. This creates a legal bottleneck for victims who have already identified their stolen cryptocurrency on a centralized platform.
The $55 million exploit and its aftermath
The theft was executed using the malicious Inferno Drainer platform, a scam-as-a-service tool that enables attackers to steal digital assets without exploiting code-level protocol vulnerabilities. The victim was deceived into clicking a malicious link to a fraudulent DeFi Saver login page, which authorized the attacker to access his account and wallets.
Also read: Circle stock surges 15% after strong earnings, $222M ARC token presale fuels stablecoin optimism
After notifying law enforcement, the victim contracted crypto analytics firms Zero Shadow and Five Stones Intelligence to trace the stolen funds. These companies found evidence linking the laundering to Ukrainian citizen Okelsiy Oleksandrovych Gorelikhin. On Nov. 30, 2024, Zero Shadow notified Coinbase that stolen funds had been deposited into a Coinbase address, asking the exchange to freeze the assets. Coinbase confirmed on Dec. 2, 2024, that the address belonged to a retail user and that it had implemented friction measures to prevent dissipation of the funds pending investigation.
Why this case matters for crypto users
This lawsuit underscores a critical gap in the crypto ecosystem: even when stolen funds are traced to a centralized exchange, victims may face legal hurdles to recover their assets. The outcome could set a precedent for how exchanges handle frozen funds in theft cases, potentially clarifying their obligations to victims and law enforcement.
2024 saw a surge in scam-as-a-service tools, with Inferno Drainer usage tripling in the first half of the year, according to blockchain security firm Blockaid. The number of malicious decentralized applications created using the platform rose from roughly 800 at the start of the year to over 2,400 by mid-2024.
Conclusion
The lawsuit against Coinbase reflects a broader tension between the promise of decentralized finance and the practical realities of asset recovery after theft. As phishing attacks and scam tools become more sophisticated, the legal framework for handling stolen crypto on centralized platforms remains unclear. The court’s decision in this case could have lasting implications for how exchanges balance user protection, legal compliance, and victim restitution.
FAQs
Q1: What is the lawsuit about?
The lawsuit claims Coinbase is holding frozen funds that were traced to a $55 million DAI phishing theft from August 2024. The plaintiff wants the court to order Coinbase to return the assets.
Q2: Why won’t Coinbase return the funds without a court order?
Coinbase has indicated that it requires a court order adjudicating ownership before releasing the frozen assets, a common practice among exchanges to avoid legal liability for returning funds to the wrong party.
Q3: What is Inferno Drainer?
Inferno Drainer is a scam-as-a-service platform that provides malicious tools for stealing digital assets without exploiting code-level vulnerabilities. It was used in this theft and has seen increased usage in 2024.
Be the first to comment