Ethereum has seen a period of consolidation under the resistance of $2,681 for the past month. Despite this, the price action has been relatively stable.
However, with significant investor accumulation, led by Consensys and others, Ethereum might experience a turning point, potentially signaling a rise in price.
Ethereum Finds Demand From Investors
Investor sentiment has shifted in favor of Ethereum, with a noticeable uptick in accumulation since the beginning of June. After consistent selling toward the end of May, investors have bought over 300,000 ETH, amounting to $778 million since the beginning of June. This growing accumulation signals increased confidence in Ethereum’s future price potential.
One of the key players in this bullish sentiment is Consensys, which reportedly bought over $300 million worth of Ethereum from Galaxy Digital, according to Arkham. This move highlights rising conviction in Ethereum’s long-term value as large entities continue to secure their positions. As these institutional players show confidence in ETH, it could pave the way for broader investor trust.
Ethereum Exchange Net Position Change. Source: Glassnode
Looking at Ethereum’s macro momentum, the IOMAP indicator reveals a strong demand zone between $2,378 and $2,454. This zone holds over 65.11 million ETH, worth nearly $169 billion, making it unlikely for significant sell-offs to occur in the near future. This large accumulation provides stability and protection against sharp declines in Ethereum’s price, which is contributing to the growing bullish sentiment.
As Ethereum remains well-supported by these large investors, the accumulation pattern appears solid. The absence of selling pressure from holders in the demand zone reduces the risk of a drastic price correction, which could otherwise impact the price of ETH.
Ethereum is currently trading at $2,611, still under the key resistance of $2,681. In order to break past this resistance, Ethereum will need further momentum, which could be driven by the ongoing accumulation and positive investor sentiment.
If the local support at $2,583 remains intact, ETH may successfully flip the $2,681 resistance level. Such a breakout would likely propel Ethereum toward the next resistance point at $2,814, extending its recent gains.
However, if broader market sentiment turns bearish or if selling pressure increases, Ethereum could see a dip to $2,500. A drop to this level would invalidate the bullish outlook and prolong the current period of consolidation, making it essential for ETH to maintain its support levels.
REX Shares has filed with the US Securities and Exchange Commission (SEC) to introduce two new exchange-traded funds (ETFs) centered on Ethereum and Solana.
The filing, submitted on May 30, was marked “immediately effective,” signaling that the launch could happen soon.
REX’s New ETF Filings to Test SEC’s Stance on Staking
According to the SEC filing, these ETFs will hold the underlying crypto assets and stake a portion of them.
Each fund plans to invest at least 80% of its assets in either Ethereum or Solana. At least 50% of those holdings will be staked to earn on-chain rewards, which investors will receive as dividend income.
Bloomberg ETF analyst Eric Balchunas highlighted the filing’s significance, noting that it could lead to the launch of the first spot Solana ETF, as current offerings only track Solana futures.
He added that REX leveraged the Investment Company Act of 1940 (40 Act) to fast-track the listing. This allows the firm to bypass the longer and more cumbersome process tied to the Securities Act of 1933 (33 Act).
First-ever staked Ether and Solana ETFs could be launching soon. REX filing went effective (meaning launch likely in near-term). Would also be first-ever spot Solana too (only futures exist curr). This is the benefit of using 40 Act, it’s faster track to mkt but more work/boxes… https://t.co/GzSUbtLkq7
Moreover, these funds will operate as C corporations rather than follow the traditional structure of regulated investment companies (RICs). This structure provides specific tax advantages, particularly for staking-related activities.
James Seyffart, another Bloomberg ETF analyst, called the move a “clever legal and regulatory workaround” to bring staking-based ETFs to market.
“These ETFs are structured as c-corps which is very rare in the ETF world. Only really used for some MLP ETFs that I can think of top of my head. There are pros and cons to the structure but looks like one pro is that this was one way to get some level of signoff from the SEC,” Seyffart stated.
However, he cautioned that the long-term viability of this approach remains uncertain. This is because more efficient structures, such as grantor trusts, could eventually replace C-corp ETFs.
“There might be more efficient vehicles/structures for this type of exposure that come to market in the future. Maybe even later this year. Maybe later than that. There are lots of questions about grantor trusts and their ability to do staking that will likely require input from the IRS. (Grantor trusts are the structure underlying the current spot bitcoin and ethereum ETFs and the structure behind all the other spot crypto ETP filings),” Seyffart added.
On Thursday, the financial regulator clarified that staking models do not automatically qualify as securities. It also noted that additional features like early withdrawal options or bundled services don’t change the regulatory status.
“The Division of Corporation Finance clarified its view that certain proof-of-stake blockchain protocol “staking” activities are not securities transactions within the scope of the federal securities laws,” SEC Commissioner Hester Peirce said.
Social engineering scams are on the rise, and these exploits have particularly targeted Coinbase users throughout the first quarter of 2025. According to a series of investigations by ZachXBT, users have lost over $100 million in funds since December 2024, while annual losses reached $300 million.
After sorting through the complaints made by different users, BeInCrypto spoke with Coinbase Chief Information Security Officer (CISO) Jeff Lunglhofer to understand what makes users vulnerable to these kinds of attacks, how they happen, and what’s being done to stop them.
Gauging the Seriousness of Scams Affecting Coinbase Users
Throughout the first quarter of 2025, several Coinbase users fell victim to social engineering scams. As the leading centralized exchange in a sector where hacks are becoming more sophisticated with time, this reality is no surprise.
In a recent investigation, Web3 researcher ZachXBT reported on several messages he received from different X users who had suffered major withdrawals from their Coinbase accounts.
1/ Over the past few months I imagine you have seen many Coinbase users complain on X about their accounts suddenly being restricted.
This is the result of aggressive risk models and Coinbase’s failure to stop its users losing $300M+ per year to social engineering scams. pic.twitter.com/PjtX7vmjqc
On March 28, ZachXBT revealed a significant social engineering exploit that cost one individual close to $35 million. The crypto sleuth’s further investigations during that period uncovered additional victims of the same exploit, pushing the total stolen in March alone to more than $46 million.
In a separate investigation concluded a month earlier, ZachXBT revealed that $65 million was stolen from Coinbase users between December 2024 and January 2025. He also reported that Coinbase has been quietly grappling with a social engineering scam issue costing its users $300 million a year.
While Coinbase users have been particularly vulnerable to social engineering scams, centralized exchanges, in general, have also been significantly impacted by these increasingly sophisticated attacks.
How Does The Broader Context Reflect This Situation?
Public data regarding the evolution of social engineering scams in recent years is limited and somewhat outdated. Yet, the numbers in the available reports are staggering.
In 2023, the Internet Crime Complaint Center (IC3) under the US Federal Bureau of Investigation (FBI) released its first-ever cryptocurrency report. Investment fraud constituted the largest category of cryptocurrency-related complaints, representing 46% of the nearly 69,500 complaints received, or approximately 33,000 cases.
The FBI’s IC3 reported an increase in crypto-related scams in 2023. Source: IC3.
Investment fraud, or pig butchering, involves false promises of high returns with low risk to lure investors, especially crypto newcomers driven by a fear of missing out on significant gains.
According to the IC3 report, these schemes rely on social engineering and building trust. Criminals use platforms like social media, dating apps, professional networks, or encrypted messaging to connect with their targets.
In 2023, these investment scams resulted in losses of $3.96 billion for users, representing a 53% increase from the previous year. Other social engineering scams, like phishing and spoofing, further constituted $9.6 million in losses.
Coinbase scammers tend to create fake emails that appear legitimate using cloned website images and false Case IDs. They then contact users through spoofed calls, leveraging private information to build trust before sending them these deceptive emails.
Once scammers have convinced users of the interaction’s legitimacy, they exploit the situation to persuade them to transfer funds.
The increasing sophistication of these scams illustrates both the emotional manipulation involved and the particular vulnerability of the victims. They demonstrate that centralized exchanges are often the primary platforms for these exploitations.
ZackXBT’s investigations and user reports on X reveal a gap between the extent of social engineering scams and Coinbase’s apparent management effectiveness.
Public discussions indicate that Coinbase has not flagged theft addresses in common compliance tools.
Victims of scams and users whose funds were frozen are urging Coinbase to take stronger action against this growing and costly issue. Understanding how these scams take place is essential to effectively addressing them.
How Are Coinbase Users Made Victims?
In January, a victim contacted the investigator after losing $850,000. In that instance, the scammer contacted the victim from a spoofed phone number, using personal information likely obtained from private databases to gain their trust.
5/ They then sent a spoofed email which appeared to be from Coinbase with a fake Case ID further gaining trust.
They instructed the victim to transfer funds to a Coinbase Wallet and whitelist an address while “support” verified their accounts security. pic.twitter.com/pOTQpnMfCz
The scammer convinced the victim that their account had suffered multiple unauthorized login attempts by sending them a spoofed email with a fake Case ID. The scammer then instructed the victim to safelist an address and transfer funds to another Coinbase wallet as part of a routine security procedure.
Last October, another Coinbase user lost $6.5 million after receiving a call from a spoofed number impersonating Coinbase support.
The victim was coerced into using a phishing site. Eight months earlier, another victim lost $4 million after a scammer convinced them to reset their Coinbase login.
ZachXBT raised concerns about Coinbase’s lack of reporting the theft addresses in common compliance resources and their perceived inadequate handling of the escalating social engineering issue.
In a conversation with BeInCrypto, Jeff Lunglhofer, Coinbase’s Chief Information Security Officer, shared his version of the events.
Coinbase CISO Addresses Social Engineering Scams
Despite Coinbase’s clear understanding of the widespread harm caused by social engineering scams affecting its users, Lunglhofer stressed that the broader crypto community should address this problem collectively rather than entrusting the responsibility to a single entity.
“In the context of the broader social engineering challenge that’s out there, of course, Coinbase customers are impacted. We’re keenly aware of it. We’ve been rolling [out] a number of control improvements to help protect our users, and, I think more importantly, we are working with the broader industry to bring these ideas and these control uplifts across the industry, across all crypto exchanges, across everything,” Lunglhofer told BeInCrypto.
Coinbase’s CISO referenced the exchange’s collaborative efforts with other platforms to combat this problem in his reply.
Specifically, Lunglhofer pointed to the “Tech Against Scams” initiative, a partnership with industry players like Match Group, Meta, Kraken, Ripple, and Gemini to fight online fraud and financial schemes.
Lunglhofer also added that Coinbase takes a similar approach when flagging theft addresses.
Why Coinbase Handles Theft Addresses Differently
When BeInCrypto asked Coinbase why it doesn’t publish theft addresses across popular compliance tools, Lunglhofer explained that the exchange has a different procedure for these scenarios.
“We will communicate with other exchanges directly [and] let them know the addresses that we’ve seen where assets have been withdrawn,” he said, adding that “when we see that there’s, in fact, fraudulent [activity], we will pull back all the wallets that are associated with the fraud and we’ll push those out to the other exchanges that we have communications with,” he said.
Lunglhofer also mentioned Crypto ISAC, an intelligence and information-sharing group established by Coinbase in collaboration with various other crypto exchanges and organizations to distribute information related to scams.
Coinbase’s Struggle Against the Flood of Spoofed Content
Lunglhofer admitted that the number of spoofed emails Coinbase identifies or receives in the form of reports far exceeds the exchange’s capacity to take them down.
“Regrettably, they’re a dime a dozen. I can open ten of them in five minutes. It’s super easy to do. So there’s not a lot we can do about that. But, when we identify them [or when] a customer reports them, we do have them taken down,” he said.
Coinbase uses vendors to eliminate circulating spoofs or phishing campaigns in those instances.
“We have several vendors that we use to do takedowns. So anytime we see a fraudulent phone number pop up, anytime we see a fraudulent URL [or] a fraudulent website get established, we will issue those for takedown. We’ll use our vendors to work with the DNS providers and others to bring those down as quickly as possible,” Lunglhofer told BeInCrypto.
Although these preventative measures are essential for the future, they provide minimal recourse for users who have already lost millions of dollars to scams.
Whose Responsibility Is It? User vs. Exchange
Coinbase did not respond to BeInCrypto’s inquiry about developing an insurance policy for users who lost savings to social engineering scams, leaving their approach in this area unclear.
Yet, social engineering scams are complex, relying on significant emotional manipulation to build trust. This complexity raises questions about the degree of responsibility that falls on user vulnerability versus potential shortcomings in the centralized exchange’s user protection measures.
The broader cryptocurrency community generally agrees that more educational materials are necessary to help users distinguish between legitimate communications and scam attempts.
Regarding this issue, Lunglhofer clarified that Coinbase will never call users out of the blue. He also noted that Coinbase has recently implemented different features that act as warnings for users potentially interacting with a scam.
Furthermore, the CISO cited a ‘scam quiz,’ an educational tool that appears as a real-time banner when a user is about to undertake a transaction flagged as suspicious by the exchange.
Though this feature is an advantage, its ability to protect users is hard to quantify, especially regarding how efficiently it flags suspicious activity. Coinbase did not respond when BeInCrypto asked if the exchange internally tracked data related to social engineering scams.
A similar issue arises with Coinbase’s ‘allow lists.’
The $850,000 Coinbase Loss
Coinbase offers a feature that enables users to create a safelist of approved recipient addresses to help prevent transactions to unfamiliar or unverified addresses. Lunglhofer strongly urges Coinbase users to adopt this measure.
“We offer every retail customer the ability to create ‘allow lists’ for wallets that they’re permitted to transfer assets to. On my personal account on Coinbase, I have ‘allow listing’ turned on, and I only have three wallets that are allowed,” Lunglhofer detailed.
However, the $850,000 scam loss suffered by a Coinbase user in January, as revealed by ZachXBT, shows a critical limitation of safelists.
Even after a victim adds a theft address, manipulation leading to this addition can still occur, thereby neutralizing the intended protection.
Can Coinbase Do More to Protect Users?
Sophisticated social engineering scams are a growing threat, creating significant challenges for crypto users. Coinbase users and centralized exchanges in general are particularly affected.
Despite Coinbase’s outlined efforts, the significant financial losses highlight the limitations of current industry-standard measures against determined scammers.
While cooperation is crucial across the board, Coinbase, as a leading platform, must also put more proactive efforts and resources into educating its users.
Social engineering is predominantly a user-driven issue, not a security failure for any exchange. Yet, platforms like Coinbase have the critical responsibility to lead industry-wide initiatives to address these threats.
The millions lost are a stark reminder that vigilance and collective action are paramount in safeguarding users against these increasingly refined and frequent attacks.
Stellar (XLM), an open-source blockchain known for fast and low-cost cross-border payments, is drawing the attention of both retail and institutional investors in 2025.
However, the concentrated distribution of XLM supply and its potential for real-world asset (RWA) applications present opportunities and challenges.
What Does the Concentrated Supply and Rising Exchange Balances Mean?
One major concern about Stellar is the concentration of XLM supply. According to Flipside Crypto, the top 10 XLM wallets hold approximately 25 billion XLM. The total circulating supply is 30.9 billion XLM, meaning nearly 80% of the supply belongs to a small group.
This raises questions about decentralization. A few entities holding large amounts of tokens could significantly influence the market. Meanwhile, about 90% of XLM holders own less than 100 XLM.
This imbalance shows that most retail investors have little impact on price. As a result, the market faces volatility risks if “whales” decide to sell.
Additionally, data from stellar.expert shows that XLM balances on Binance have risen steadily since late 2023, from 180 million XLM to 1 billion XLM. This increase reflects growing demand for trading and signals potential sell pressure if negative news emerges.
At first glance, this kind of data often seems negative for a network’s outlook. However, XLM investors argue that increased circulating supply can indicate growing adoption.
“This isn’t a random distribution — it’s a deliberate strategy… Supply growth is measured and controlled while adoption skyrockets,” an XLM investor commented.
On-chain data further supports this view. Stellar’s active accounts grew from 7.2 million in 2023 to 9.5 million by May 2025. On average, the network adds about 5,000 new wallet addresses daily. This ever-increasing demand helps absorb the circulating XLM.
Signs of Rising XLM Demand in Real World Asset (RWA) Sector
Currently, Stellar ranks as the third-largest protocol in RWA market capitalization, behind only Ethereum and ZKsync Era. Notable players in Stellar’s RWA ecosystem include the Franklin Templeton OnChain US Government Money Fund (valued at $497 million) and Circle’s USDC stablecoin, which holds $345 million on the Stellar network.
Total Value of Assets Tokenized on Networks. Source: RWA.xyz
The total value of RWAs on Stellar has grown nearly 84% in 2025. It rose from $275 million to over $500 million by May. This growth reflects Stellar’s increasing appeal for real-world asset tokenization.
