A blockchain address identified by analytics firms Arkham and Lookonchain as the “Coinbase hacker” executed on August 25 a purchase of 38,126 SOL tokens, valued at approximately $7.95 million, after converting DAI to USDC and bridging to the Solana network via deBridge Finance and CoW Protocol swaps.
This acquisition follows a sequence of multimillion-dollar trades by the same wallet, which two months prior sold 26,762 ETH for $69.25 million in a series of onchain transactions first observed and publicized by Lookonchain. On July 7 and July 19, the wallet acquired 4,863 ETH for $12.55 million and 649 ETH for $2.3 million, respectively, demonstrating a pattern of large-scale asset rotations by the actor.
Data aggregated over the past 48 hours shows single trades from this wallet ranging between $500,000 and $3.3 million, split between DAI and USDC. Post-transaction valuation of the newly acquired SOL declined by approximately $200,000 due to Solana’s intra-day price movements, with the asset trading near $200 at the time of publication.
The implicated wallet is associated with the May 15 breach of Coinbase, which resulted in an estimated $330 million in losses across approximately 97,000 user accounts. Reports indicate the exploit involved social engineering and insider collusion rather than conventional backend security failures. Coinbase has acknowledged the breach but maintains that user funds were not held on the compromised systems.
Several exchanges, including Binance and Kraken, have reported curbing similar social engineering attempts in 2025. Nevertheless, the repeated large-scale trades by the same wallet underscore challenges in tracing and intercepting funds once they enter decentralized networks. Efforts by onchain investigators aim to identify intermediary addresses and wallets receiving proceeds from the exploit.
In response to the breach, centralized platforms are reviewing internal access controls and enhancing multi-factor authentication protocols for contractor and support personnel. The incident has reignited industry debates over the security of custodial infrastructures and the role of decentralized custody solutions. Regulators are also monitoring such events to assess whether enhanced oversight or mandatory reporting for large onchain flows may be warranted under emerging crypto regulations.
Comments (0)