tl;dr
ZachXBT recently revealed a $15.9 million theft targeting a vendor on Coinbase Commerce. The theft, which occurred on April 21, involved suspicious USDC outflows and money laundering through Polygon and Ethereum. The criminal, known as "Excite" on social media, flaunted luxury purchases and may be l...
ZachXBT recently uncovered a $15.9 million theft targeting a vendor on Coinbase Commerce. The theft, which occurred on April 21, involved suspicious USDC outflows and money laundering through Polygon and Ethereum. The criminal, known as "Excite" on social media, flaunted luxury purchases and may be located in Denmark.
Questions have been raised about the breach of Coinbase's security and the lack of detection by Coinbase's AML monitoring. The victim's identity remains unknown, and continued investigation is expected to uncover more details.
ZachXBT, a well-known crypto sleuth, revealed the progress of this investigation via social media posts. Zach claimed that the initial theft occurred on April 21, involving more than 1700 suspicious USDC outflows. The culprit swiftly bridged stolen USDC worth over $15.9 million to Polygon and then Ethereum. Afterward, the funds were split into three wallets, with the majority remaining dormant.
The criminal has kept his true identity a secret but nevertheless began flaunting luxury purchases under the username “Excite.” ZachXBT mentioned the possibility of identifying Excite’s real name and questioned how the attacker breached Coinbase’s security. He also highlighted Coinbase's poor history of AML monitoring, citing a $50 million fine it incurred last year for violating compliance laws.
Unfortunately, the victim has not come forward, so very few circumstances are known about them, except their status as a Coinbase Commerce vendor. Continued investigation will hopefully bring more information to light.