Teenage Hacker Sentenced to 3.5 Years for Defrauding Coinbase Users

A young hacker from the UK named Elliot Gunton and his associates created a sophisticated phishing scam that fooled Coinbase users into divulging their login credentials. They tricked gullible customers into visiting bogus websites that looked a lot like bitcoin exchanges, which compromised their accounts.

These rogue websites were designed with user data collection in mind. The victims’ login credentials were captured and forwarded to the attackers when they tried to get in.

Gunton’s operation was characterized as “highly sophisticated” by Judge Alice Robinson of the Norwich Crown Court, who also noted its complex planning and technological mastery.

Widespread Impact and Significant Losses

Active between 2018 and 2019, this phishing scheme was part of a broader rise in crypto crimes. A 2020 Chainalysis report noted over $4.3 billion worth of cryptocurrencies lost to various hacks and scams during that period.

Gunton, then 17, managed to breach over 500 Coinbase accounts, stealing more than $900,000. One U.S. resident lost over $16,000, while others saw their accounts drained of substantial amounts.

Facing charges of conspiracy to commit fraud outside the UK and money laundering, Gunton pleaded guilty and received a 43-month prison sentence. Coinbase has become a frequent target for impersonation by scammers. A report from Mailsuite on June 24 indicated that Coinbase’s brand was tied to 416 phishing attacks over the past four years.

Scammers posing as Coinbase workers recently stole $1.7 million from a victim’s self-custody wallet on July 8. The victim’s crucial phrase was compromised after they were tricked into clicking on a phishing link.

Coinbase Pro, the exchange’s now-defunct professional trading program, has also been the target of scammers. An Indian individual was accused in May of using a phony Coinbase Pro phishing website to steal $37 million in cryptocurrency from consumers.

According to security company SlowMist, in the second quarter of 2024, phishing was the main reason for cryptocurrency thefts. These examples highlight how dangerous phishing scams continue to be in the bitcoin world.