Coinbase Faces Criticism Over Unsafe Seed Phrase Recovery Page
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On March 19, 2026, security analysts flagged a Coinbase Commerce subdomain that prompts users to enter their mnemonic seed phrases in plain text for asset recovery. Experts, including SlowMist's founder Yu Xian, criticized this practice as it exposes users to social engineering attacks. The page was part of Coinbase's wind-down process ahead of a March 31 deadline, increasing urgency for users to recover funds. Blockchain investigator ZachXBT highlighted that this setup could be exploited by threat actors to target Coinbase users. The page's flawed design, including a problematic sitemap, allows attackers to replicate it for phishing scams. Coinbase has not yet responded to these concerns or removed the page. Previous reports indicated that users lost over $65 million to social engineering attacks in early 2025, raising alarms about the potential for renewed scams. The situation remains critical as the deadline approaches.
Key Points: • Coinbase Commerce page asks users for plaintext mnemonic phrases, risking social engineering attacks. • Experts warn that the page's design could facilitate phishing scams targeting Coinbase users. • Coinbase has not yet addressed the security concerns raised by analysts.