Key Highlights
- Funds were taken via a phishing attack using a spoof DeFiSaver site.
- The attack leveraged the “Inferno Drainer” scam tool.
- Stolen assets tracked through Tornado Cash before reaching Coinbase.
A Puerto Rico resident identified as D.B. has filed a lawsuit against Coinbase Global, Inc. and Coinbase, Inc. in the United States District Court for the Northern District of California. This lawsuit, filed on Monday, seeks to recover traceable crypto assets that have been stolen and recovered within the exchange.
According to court documents, on August 20, 2024, the plaintiff was targeted in a phishing attack while using the DeFi management app called DefiSaver on the Ethereum blockchain. The perpetrators reportedly directed the user to a spoofed website through a “.app” domain name similar to the official site that ends with a “.com” domain name.
After entering credentials into the fake portal, the attackers gained wallet access through malicious smart contract permissions and drained DAI stablecoins valued at approximately $55 million. The theft was carried out using “Inferno Drainer,” a scam-as-a-service tool linked to multiple crypto theft incidents.
Indirect involvement of Coinbase
Blockchain analysts from Zero Shadow and Five Stones Intelligence were able to track down some of the DAI stolen by the hackers through mixers such as Tornado Cash until they reached a Coinbase retail customer’s account.
Coinbase confirmed receipt of the funds, took steps to “freeze” them using its “friction measures,” and advised the plaintiff that court intervention would be necessary to establish ownership before releasing them.
The complaint alleges that the anonymous hackers, collectively known as John Doe, violated the Computer Fraud and Abuse Act (CFAA) and the Racketeer Influenced and Corrupt Organizations Act (RICO) in connection with the operation of their Inferno Drainer scam.
In suing Coinbase, the plaintiff is asking the court to declare that it owns the DAI and to order the defendant to transfer title of those funds and return them to the plaintiff. Coinbase is not accused of wrongdoing in the theft itself, but is named because it currently holds the frozen funds.
Security measures and broader concerns
Separately, Coinbase has stated that it is working on a multi-year plan to upgrade its infrastructure to be resistant to potential future threats, including those related to quantum computing.
According to a statement shared with The Crypto Times, the company said it is taking steps to strengthen systems that rely on cryptography, particularly as long-term risks evolve.
Possible legal precedent
The case reflects a growing trend in the crypto sector, where victims of hacks and scams seek recovery through civil litigation when stolen funds are traced to centralized exchanges. While platforms like Coinbase may freeze suspicious assets, they typically require legal authorization before releasing them to avoid liability.
The situation also highlights ongoing risks in decentralized finance, particularly from phishing and social engineering attacks, even for users employing advanced security measures. A decision in this case might serve as an important precedent regarding the treatment of stolen and traceable cryptocurrencies by the U.S. judicial system.
