A crypto investor has filed a lawsuit against Coinbase after the exchange froze millions in DAI tied to a major phishing theft and allegedly refused to release the funds without a court order.
Key Takeaways
- Coinbase is facing a lawsuit over frozen DAI connected to a $55 million phishing attack from 2024.
- The plaintiff claims the exchange froze the funds but refused to return them despite proof of ownership.
- Blockchain investigators traced part of the stolen assets to a Coinbase retail user account.
- The case raises broader questions about how crypto exchanges should handle stolen and recoverable digital assets.
What Happened?
A cryptocurrency investor identified only as “D.B.” has sued Coinbase in California federal court over frozen crypto assets linked to a massive phishing theft that took place in August 2024. The lawsuit claims Coinbase froze part of the stolen DAI after investigators traced the funds to an account on the exchange, but later declined to release the assets without a court ruling confirming ownership.
The legal dispute centers around approximately $55 million worth of DAI, a stablecoin pegged to the US dollar, stolen during a sophisticated phishing attack involving a fake DeFi Saver login page.
🔥 COINBASE SUED OVER FROZEN STOLEN CRYPTO
— Coin Bureau (@coinbureau) May 6, 2026
An anonymous crypto whale is suing Coinbase, claiming the exchange refused to return frozen stolen funds tied to a 2024 theft.
The disclosed details closely mirror an August 2024 crypto theft where a whale lost roughly $55M in DAI.… pic.twitter.com/4AUNa7P45l
Coinbase Faces Questions Over Frozen Crypto Funds
According to court filings, the victim allegedly accessed a fraudulent website on Aug. 20, 2024, unknowingly authorizing attackers to gain access to his wallet and drain millions in crypto assets. The attackers reportedly used Inferno Drainer, a scam as a service platform commonly linked to phishing based crypto thefts.
After the theft, the stolen assets were allegedly laundered through Tornado Cash, a crypto mixing service frequently used to obscure blockchain transactions. Investigators later traced part of the funds to a Coinbase retail account.
Blockchain security firms Zero Shadow and Five Stones Intelligence were hired to track the stolen assets. The firms reportedly identified blockchain evidence connecting the laundering activity to Ukrainian citizen Okelsiy Oleksandrovych Gorelikhin.
On Nov. 30, 2024, Zero Shadow informed Coinbase that traceable stolen funds had been deposited into one of its user accounts. According to the complaint, Coinbase later confirmed that the address belonged to a Coinbase retail customer and said it had implemented “friction measures” to prevent the assets from being moved during the investigation.
Plaintiff Claims Coinbase Refused to Return Assets
The lawsuit argues that Coinbase acted appropriately when it initially froze the suspicious funds. However, attorneys for the plaintiff claim the exchange became unreasonable after refusing to return the assets despite receiving sworn statements and ownership documentation.
Court documents state that Coinbase requested a formal court order before releasing the frozen crypto. The plaintiff is now asking the court to officially recognize him as the rightful owner of the assets and direct Coinbase to hand over the funds.
The filing describes the frozen cryptocurrency as “identifiable property traceable to Plaintiff’s stolen assets” and argues that the plaintiff remains the lawful owner despite the laundering attempts.
The case could become an important legal test for how centralized exchanges handle recoverable stolen crypto. Many exchanges freeze suspicious funds after receiving theft reports, but victims often face lengthy legal processes before assets can be returned.
Inferno Drainer Activity Continues to Rise
The attack also highlights the growing threat posed by phishing services like Inferno Drainer. Unlike traditional protocol hacks, these services rely on tricking users into signing malicious wallet approvals.
According to blockchain security firm Blockaid, usage of Inferno Drainer increased sharply throughout 2024. The number of malicious decentralized applications linked to the platform reportedly rose from around 800 at the start of the year to more than 2,400 by the end of the first half of 2024.
The lawsuit arrives during a period of internal restructuring at Coinbase. The exchange recently confirmed workforce reductions as part of Chief Executive Officer Brian Armstrong’s push to make the company more “lean, fast, and AI native.” Reports indicated that some layoffs affected Asia Pacific growth teams connected to Coinbase’s Base network expansion efforts.
CoinLaw’s Takeaway
In my experience, this case shows one of the biggest unresolved issues in crypto today. Exchanges are expected to help victims recover stolen assets, but they also do not want to release funds to the wrong party without legal protection. I found this lawsuit especially important because it could shape how future crypto theft recoveries are handled across centralized exchanges. If courts begin setting clearer standards for frozen crypto disputes, it may finally create a more reliable recovery process for victims of blockchain scams.
