Home
News
Details

Coinbase Commerce page asks users to enter their mnemonic phrase, raising security concerns.

iconChaincatcher
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
AI summary iconSummary

expand icon
A Coinbase Commerce subdomain recently asked users to enter their wallet mnemonic phrases, sparking on-chain news and concerns about a security breach. Security researcher Yuxin labeled the move a major risk, as it exposed users to potential theft. On-chain analyst ZachXBT noted that the page was linked in a help document that has since been removed, which instructed users to import phrases into third-party wallets. He warned that the page could be exploited for social engineering attacks, underscoring the security risk to Coinbase users.

ChainCatcher report, according to Cointelegraph, a subdomain page of Coinbase Commerce prompted users to enter their wallet seed phrases, drawing attention from security researchers. Yu Xian of SlowMist stated that he could not understand why Coinbase would set up such a page, directly requesting users to input their seed phrases in plain text for asset recovery, calling this a serious security risk. On-chain analyst ZachXBT noted that the page was previously referenced in a Coinbase Commerce product help article, which advised users to recover funds by importing their seed phrases into compatible wallets such as Coinbase Wallet or MetaMask, and included a link to the subdomain’s withdrawal tool. The help article has since been removed. ZachXBT also pointed out that if exploited by malicious actors, this page could be used to conduct seed phrase phishing attacks against Coinbase users.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.