A victim is suing Coinbase to recover $55M in stolen crypto. The case tests how exchanges handle frozen funds and the legal path to recovery for DeFi users.
A high-stakes legal battle has emerged in California as a plaintiff, identified as D.B., seeks to compel Coinbase to release $55 million in cryptocurrency frozen on its platform. The dispute centers on assets allegedly stolen during a sophisticated phishing attack on August 20, 2024, which drained the victim's wallets of DAI stablecoin. The case highlights the friction between exchange security protocols and the practical realities of asset recovery in the decentralized finance ecosystem.
The incident began when the victim interacted with a malicious link masquerading as the legitimate Ethereum DeFi tool DefiSaver. This site utilized "Inferno Drainer" malware, a tool designed to manipulate smart contract permissions, effectively tricking users into authorizing unauthorized transactions. Once the wallets were compromised, the perpetrators moved the stolen DAI through Tornado Cash, a protocol known for obscuring transaction trails. This obfuscation layer is a standard hurdle in blockchain forensics, yet the victim's agents, Zero Shadow and Five Stones, successfully traced the funds to specific accounts held at Coinbase.
Coinbase has maintained a policy of refusing to release frozen assets without a formal court order, despite the plaintiff providing sworn statements and forensic evidence of ownership. This stance is common among major exchanges to mitigate legal liability, but it forces victims into protracted litigation to regain control of their property. The lawsuit filed by D.B. includes five counts against Coinbase, most notably a claim of unjust enrichment. The plaintiff argues that the exchange may have derived financial benefit from holding the disputed funds over the past eight months and is seeking the return of any profits generated from those assets.
The legal filing expands the scope of the case by naming Oleksiy Oleksandrovych Goreliikhin, a Ukrainian individual, as a participant in the laundering operation. This adds a layer of international complexity to the proceedings, as the movement of illicit funds across borders often complicates law enforcement cooperation and asset recovery efforts. By including seven counts against the unknown "John Doe" hackers—including fraud, theft, and racketeering—the plaintiff is framing the incident as part of a broader, organized criminal enterprise rather than a singular, isolated event.
For market participants, this case underscores the operational risks inherent in managing large-scale digital asset holdings. While Coinbase has not issued a public statement regarding the litigation, the refusal to act without judicial intervention establishes a clear precedent for how major platforms handle disputed custody. The reliance on a constructive trust as a legal mechanism is the plaintiff's attempt to ensure that any appreciation or interest earned on the frozen funds is legally tethered to the original owner.
Investors should note that the resolution of this case will likely hinge on the court's interpretation of the exchange's duty of care versus its liability protections. Until a judge rules, the $55 million remains in a state of limbo, illustrating the difficulty of reversing transactions in a permissionless environment. While the broader market continues to navigate crypto market analysis and regulatory shifts, this lawsuit serves as a reminder that even when on-chain tracing is successful, physical recovery remains subject to the traditional legal system.
For those assessing exposure, the case highlights that the primary risk is not just the initial theft, but the subsequent difficulty of navigating the intersection of decentralized protocols and centralized exchange compliance. The outcome will likely influence how victims of similar hacks approach exchanges in the future, potentially leading to more frequent, high-stakes litigation to force the release of frozen assets.
As the industry matures, the tension between privacy-preserving tools like Tornado Cash and the requirements of centralized exchanges will remain a central point of friction. The involvement of international actors like Goreliikhin further complicates the path to recovery, suggesting that jurisdictional hurdles will continue to be a significant barrier for victims of large-scale digital asset theft.
AI-drafted from named sources and checked against AlphaScala publishing rules before release. Direct quotes must match source text, low-information tables are removed, and thinner or higher-risk stories can be held for manual review.