Quick Takeaways
- Coinbase temporarily removed a "legacy recovery" tool after security researchers flagged it for asking users to paste their seed phrases in plain text into a web form, which trains users for social engineering attacks.
- The page was not part of Coinbase's published sitemap and could be cloned trivially, so attackers could host a lookalike on a similar domain to harvest seed phrases.
- Researchers warned that an official page requesting a seed phrase undermines the core rule that seed phrases are never entered into websites, and makes phishing pages that do the same harder for users to reject.
- With attackers relying increasingly on phishing and social engineering rather than technical exploits, the incident shows why crypto platforms need stricter review of what their official pages ask users to do.
Investigators flagged a Coinbase page that asked users for their seed phrases. The page was served from Coinbase's official website, but security researchers quickly raised concerns: it was not listed in a sitemap, and its interface was easy for attackers to copy and rehost on a lookalike domain.
On March 18, Cos, founder of blockchain security firm SlowMist, shared screenshots of the page. He pointed out that it asked users to paste their 12-word recovery phrases in plain text. Cos also noted that some users would retrieve their seed phrases from cloud backups in order to paste them, which is itself an unsafe practice: a seed phrase stored in a cloud account is only as secure as that account.
Shortly after, on-chain investigator ZachXBT suggested the page could be used for social engineering. Attackers might point victims at it, or at a copy of it, to trick them into giving up their seed phrases. Because the original was hosted on an official Coinbase domain, a scam built around it would appear far more trustworthy than a typical phishing page.
Experts also highlighted that the page's absence from a sitemap made it easy for bad actors to clone. A sitemap entry does nothing to prevent copying, since any page's HTML can be saved and rehosted; the concern was that an obscure, unlisted page gives users no reference point for what the real tool looks like or where it lives. Scammers could copy the interface, host it on a similar domain, and deceive users into submitting their seed phrases.
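The lookalike-domain concern above is one a wallet, browser extension or mail gateway can check mechanically. The following is an added example, not code from Coinbase, SlowMist or the reporting quoted here: it classifies a hostname against a legitimate domain (assumed to be `coinbase.com`) by catching exact and subdomain matches, homoglyph substitutions, brand names buried in a subdomain or label, wrong TLDs, and near-miss typos. The homoglyph table is a constructed subset, and the "last two labels" rule for the registrable domain is a simplification that a real deployment would replace with the Public Suffix List.

```python
"""Lookalike-domain classifier (added example; not Coinbase's own code)."""
import unicodedata

LEGIT_DOMAIN = "coinbase.com"  # assumption: the brand domain being protected

# Constructed subset of characters that pass for ASCII letters in an address
# bar. A production check would use the full Unicode confusables table.
HOMOGLYPHS = {
    "0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b",
    "\u0430": "a",  # Cyrillic small a
    "\u0435": "e",  # Cyrillic small ie
    "\u043e": "o",  # Cyrillic small o
    "\u0440": "p",  # Cyrillic small er
    "\u0441": "c",  # Cyrillic small es
    "\u0455": "s",  # Cyrillic small dze
    "\u0456": "i",  # Cyrillic small Byelorussian-Ukrainian i
}


def canonical_host(host: str) -> str:
    """Lower-case, drop a trailing dot, and decode punycode labels so an IDN
    domain is compared by what the user sees rather than by its xn-- form."""
    host = host.strip().rstrip(".").lower()
    if host.isascii():
        try:
            host = host.encode("ascii").decode("idna")
        except UnicodeError:
            pass  # not valid IDNA; keep the literal form
    return host


def fold_confusables(host: str) -> str:
    """Collapse visually similar characters onto their ASCII targets."""
    host = unicodedata.normalize("NFKC", host)  # e.g. fullwidth letters
    return "".join(HOMOGLYPHS.get(ch, ch) for ch in host)


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance; used to catch typosquats like 'coinbsae'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_host(host: str, legit: str = LEGIT_DOMAIN) -> str:
    """Return 'legitimate', 'unrelated', or 'lookalike:<reason>'."""
    raw = canonical_host(host)
    if raw == legit or raw.endswith("." + legit):
        return "legitimate"

    folded = fold_confusables(raw)
    if folded == legit or folded.endswith("." + legit):
        return "lookalike:homoglyph"

    legit_base = legit.split(".")[0]  # "coinbase"
    labels = folded.split(".")
    # Simplification: the last two labels are treated as the registrable
    # domain. Real deployments must consult the Public Suffix List (co.uk ...).
    base = labels[-2] if len(labels) >= 2 else labels[0]

    # "coinbase.com.secure-login.net": the brand is only a subdomain of
    # someone else's registrable domain.
    if legit_base in labels[:-2]:
        return "lookalike:subdomain-spoof"
    if base == legit_base:
        return "lookalike:wrong-tld"
    if legit_base in base:
        return "lookalike:embedded"
    if levenshtein(base.replace("-", "").replace("_", ""), legit_base) <= 2:
        return "lookalike:typo"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample hostnames, not domains observed in the incident.
    for h in ["www.coinbase.com", "c0inbase.com", "coinbase-recovery.com",
              "coinbase.com.secure-login.net", "coinbsae.com", "example.com"]:
        print(f"{h:32} {classify_host(h)}")
```

Design note: the raw hostname is compared before any folding, so that a folded form equal to the brand domain is reported as a homoglyph attack rather than silently accepted as legitimate. The thresholds and the homoglyph table are illustrative assumptions; tune them against your own false-positive budget.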
Additionally, some users pointed out a behavioral risk. Coinbase's page went against the most basic rule of self-custody: never enter your seed phrase into a website, even one that appears to be official. Once a legitimate vendor asks for it, users have no simple rule left to reject a phishing page that asks for the same thing, so such tools make phishing scams more convincing and more harmful.
Coinbase responded quickly, confirming that it had removed the tool and was working on a replacement. As of this writing the page is offline, and visitors see a message saying the service is unavailable.
The incident reflects a broader shift in how attackers operate. According to security firm Nominis, crypto scams have moved away from technical exploits toward phishing and social engineering. As such scams become more common, platforms must avoid building official flows that normalize the very behavior phishers depend on.
The episode underscores the importance of strong security practices in crypto technology. Making deliberate choices to protect users helps maintain trust and innovation in the digital currency space.
