Monahan mentioned Coinbase was warned for months earlier than main exploits, but management nonetheless prioritizes onboarding customers over fixing vulnerabilities.
Crypto safety researcher Taylor Monahan has publicly slammed Coinbase CEO Brian Armstrong and accused the alternate’s management of prioritizing progress over person security.
Safety failures tied to Coinbase Commerce resurfaced as Armstrong unveiled the corporate’s 2026 roadmap.
Previous Wounds, New Roadmap
Responding to Armstrong’s tweet about Coinbase’s high priorities for 2026, which centered on increasing a world “all the things alternate,” scaling stablecoins and funds, and bringing the world on-chain by way of Base, Monahan argued that person safety stays noticeably absent. She wrote,
“Brian nonetheless doesn’t see person security to be a precedence for Coinbase. It price them >$350m in 2025. It may’ve been prevented.”
Monahan claimed that Coinbase had been warned for “months and months and months” about severe safety points. Her frustration traces again to findings revealed by on-chain investigator ZachXBT in December 2024, which detailed a suspected exploit involving Coinbase Commerce.
In response to the investigation, a Coinbase Commerce contract noticed greater than $15.9 million in suspicious USDC outflows on Polygon over a 16-hour interval in April 2024, and funds have been later bridged to Ethereum, swapped into ETH, and break up throughout a number of wallets.
A menace actor utilizing the alias “Excite” allegedly flaunted management of the stolen funds in Telegram chats and on social media, whereas a portion of the belongings was later routed by way of mixers and playing platforms in an try and obscure their origin. The case raised questions on why Coinbase’s AML and transaction monitoring techniques didn’t flag the exercise in actual time, regardless of the scale, velocity, and sample of the outflows.
Monahan had amplified these considerations on the time, criticizing the platform’s failure to deal with the problem. Now, greater than a 12 months later, the blockchain researcher says nothing basic has modified. Reacting to Armstrong’s newest roadmap, she accused the alternate’s management of pushing for extra customers with out first fixing recognized vulnerabilities.
You may additionally like:
“Actually over a 12 months later. And the precedence continues to be ‘convey extra lambs to my slaughterhouse pls.’”
Dealing with of Safety Incidents
ZachXBT, for one, had repeatedly criticized Coinbase over account lockouts and an undisclosed information breach that he says led to person losses. Final 12 months, he claimed that Coinbase locked him out of his account twice inside a month with out rationalization and failed to obviously inform customers a couple of breach that uncovered buyer information.
The pseudonymous investigator had additionally mentioned that he can not advocate the platform resulting from ongoing transparency and safety points. His feedback add to previous criticism, together with claims that weak responses to scams and impersonation assaults contributed to tens of tens of millions of {dollars} in losses between late 2024 and early 2025.
SECRET PARTNERSHIP BONUS for CryptoPotato readers: Use this link to register and unlock $1,500 in unique BingX Change rewards (restricted time provide).
