coin-img-ETHETH-7.02%coin-img-BTCBTC-5.37%coin-img-SOLSOL-5.33%coin-img-ROBOROBO-6.68%coin-img-KATKAT+107.00%coin-img-AITOAITO-40.14%coin-img-CRKCRK+144.50%coin-img-XRPXRP-4.49%coin-img-ETHETH-7.02%coin-img-BTCBTC-5.37%coin-img-SOLSOL-5.33%coin-img-ROBOROBO-6.68%coin-img-KATKAT+107.00%coin-img-AITOAITO-40.14%coin-img-CRKCRK+144.50%coin-img-XRPXRP-4.49%coin-img-ETHETH-7.02%coin-img-BTCBTC-5.37%coin-img-SOLSOL-5.33%coin-img-ROBOROBO-6.68%coin-img-KATKAT+107.00%coin-img-AITOAITO-40.14%coin-img-CRKCRK+144.50%coin-img-XRPXRP-4.49%coin-img-ETHETH-7.02%coin-img-BTCBTC-5.37%coin-img-SOLSOL-5.33%coin-img-ROBOROBO-6.68%coin-img-KATKAT+107.00%coin-img-AITOAITO-40.14%coin-img-CRKCRK+144.50%coin-img-XRPXRP-4.49%

Coinbase Commerce Withdraw Page Prompts Users for Plaintext Mnemonics

Security firm SlowMist_Team reports the Coinbase Commerce withdraw page prompts users to input plaintext mnemonic phrases and guides them to copy these phrases from Google Drive. Blockchain investigator zachxbt warns attackers could exploit this process for social engineering, potentially tricking users into disclosing wallet recovery phrases that grant full access to crypto assets. Security specialists note mnemonic phrases should remain offline and never be entered on web interfaces.
Selected
Disclaimer: The content above is only the author's opinion and does not represent BingX’s stance. It shall not be construed as investment advice from BingX. For details, refer to the Terms and Conditions.