A hacker stole $15.9M from Coinbase Commerce, bypassing AML detection

A major breach has happened with Coinbase Commerce. A hacker named “Excite” stole $15.9 million by taking advantage of the platform’s Anti-Money Laundering (AML) system.

A crypto investigator named ZachXBT uncovered an incident involving more than 1,700 questionable USDC transactions. The stolen money was then cleaned through the Polygon and Ethereum networks. A hacker has been showing off expensive buys online, and social media metadata hints at a possible location in Denmark.

1/ Earlier this year in April 2024 a Coinbase Commerce contract saw $15.9M of suspicious outflows indicating a merchant had potentially been exploited.

Shortly after a threat actor with the alias ‘Excite’ began showing off the stolen funds in chats.

Let’s dive in. pic.twitter.com/srM7ksPXPa

— ZachXBT (@zachxbt) December 10, 2024

The theft started on April 21, and the money was spread across three wallets, most of which are still not being used. ZachXBT pointed out that the hacker accidentally showed part of his face in photos he shared, which could help identify him.

The incident brings up important questions about how well Coinbase’s AML system works, especially regarding its failure to spot illegal activities within 16 hours. This gap is worrying, especially considering Coinbase‘s past compliance problems, like a $50 million fine for violations.

Critics say that Coinbase has tough rules for real users, but it has a hard time stopping major crimes. This incident adds to the platform’s problems, including recent scams pretending to be Coinbase Support and stopping Bitcoin payments because of operational issues. ZachXBT pointed out that there might be more people involved in the theft.

TagsBitcoinCoinbase