In a decisive move to bolster Ukraine’s economy and its beleaguered energy infrastructure, the European Union has committed to providing up to €35 billion (approximately $39 billion) as part of a broader loan package orchestrated by the Group of Seven (G7) nations. This substantial financial assistance arrives at a critical juncture as Ukraine continues to grapple with the devastating impacts of the ongoing conflict with Russia.
European Commission President Ursula von der Leyen, speaking alongside President Volodymyr Zelenskyy in Kyiv, emphasized the urgency of the situation. “We should make Russia pay for the destruction it caused,” she asserted, highlighting the EU’s resolve to use profits from frozen Russian central bank assets as collateral for these loans. Although G7 leaders had agreed in June to a $50 billion aid package, the disbursement of funds has been sluggish, prompting calls for expedited action.
Since the onset of the war in February 2022, the EU has already provided over €118 billion ($132 billion) in military and economic support. However, the relentless nature of Russian assaults necessitates further aid. “This loan will flow straight into your national budget,” von der Leyen stated, underscoring the importance of financial flexibility for Ukraine’s recovery efforts.
Rebuilding Energy Infrastructure
A significant portion of the funds will focus on reconstructing Ukraine’s war-ravaged energy grid. With approximately half of the country’s energy infrastructure damaged, rolling blackouts have become commonplace, leaving many regions in darkness for extended periods. As winter approaches, the urgency to restore heating capacity is paramount. “Heating season starts in two weeks, and we will help Ukraine in its brave efforts to overcome this,” von der Leyen noted.
The EU’s strategy includes decentralizing the energy grid to minimize vulnerability to Russian missile strikes. Ukraine’s government plans to utilize funds for urgent repairs, bomb shelters, and enhancements to educational facilities. Moreover, the EU has dispatched over 10,000 generators and mobile gas turbines, which are less susceptible to attacks and easier to repair.
Addressing the Humanitarian Crisis
The influx of Ukrainian refugees, now numbering around 4 million since the conflict began, poses a dual challenge for both Ukraine and the European nations supporting it. Recent weeks have seen a rise in the number of Ukrainians seeking refuge, which could strain European resources and complicate ongoing support for Ukraine. To address this, the EU is offering additional support, including €160 million ($180 million) to further fortify the energy network.
As Zelenskyy and von der Leyen outlined their plans, it was clear that the stakes are high—not just for Ukraine, but for European stability as well. With winter looming, the provision of energy and resources is crucial not only for rebuilding efforts but also for incentivizing displaced citizens to return home.
In conclusion, the EU’s pledge represents a vital lifeline for Ukraine, reinforcing international solidarity in the face of adversity. As both leaders reiterated their commitment to rebuilding and resilience, the world watches closely, aware that the path ahead remains fraught with challenges. The commitment of resources is a testament to the EU’s long-term vision for Ukraine’s recovery and its integration into the European community.
Social engineering scams are on the rise, and these exploits have particularly targeted Coinbase users throughout the first quarter of 2025. According to a series of investigations by ZachXBT, users have lost over $100 million in funds since December 2024, while annual losses reached $300 million.
After sorting through the complaints made by different users, BeInCrypto spoke with Coinbase Chief Information Security Officer (CISO) Jeff Lunglhofer to understand what makes users vulnerable to these kinds of attacks, how they happen, and what’s being done to stop them.
Gauging the Seriousness of Scams Affecting Coinbase Users
Throughout the first quarter of 2025, several Coinbase users fell victim to social engineering scams. As the leading centralized exchange in a sector where hacks are becoming more sophisticated with time, this reality is no surprise.
In a recent investigation, Web3 researcher ZachXBT reported on several messages he received from different X users who had suffered major withdrawals from their Coinbase accounts.
1/ Over the past few months I imagine you have seen many Coinbase users complain on X about their accounts suddenly being restricted.
This is the result of aggressive risk models and Coinbase’s failure to stop its users losing $300M+ per year to social engineering scams. pic.twitter.com/PjtX7vmjqc
On March 28, ZachXBT revealed a significant social engineering exploit that cost one individual close to $35 million. The crypto sleuth’s further investigations during that period uncovered additional victims of the same exploit, pushing the total stolen in March alone to more than $46 million.
In a separate investigation concluded a month earlier, ZachXBT revealed that $65 million was stolen from Coinbase users between December 2024 and January 2025. He also reported that Coinbase has been quietly grappling with a social engineering scam issue costing its users $300 million a year.
While Coinbase users have been particularly vulnerable to social engineering scams, centralized exchanges, in general, have also been significantly impacted by these increasingly sophisticated attacks.
How Does The Broader Context Reflect This Situation?
Public data regarding the evolution of social engineering scams in recent years is limited and somewhat outdated. Yet, the numbers in the available reports are staggering.
In 2023, the Internet Crime Complaint Center (IC3) under the US Federal Bureau of Investigation (FBI) released its first-ever cryptocurrency report. Investment fraud constituted the largest category of cryptocurrency-related complaints, representing 46% of the nearly 69,500 complaints received, or approximately 33,000 cases.
The FBI’s IC3 reported an increase in crypto-related scams in 2023. Source: IC3.
Investment fraud, or pig butchering, involves false promises of high returns with low risk to lure investors, especially crypto newcomers driven by a fear of missing out on significant gains.
According to the IC3 report, these schemes rely on social engineering and building trust. Criminals use platforms like social media, dating apps, professional networks, or encrypted messaging to connect with their targets.
In 2023, these investment scams resulted in losses of $3.96 billion for users, representing a 53% increase from the previous year. Other social engineering scams, like phishing and spoofing, further constituted $9.6 million in losses.
Coinbase scammers tend to create fake emails that appear legitimate using cloned website images and false Case IDs. They then contact users through spoofed calls, leveraging private information to build trust before sending them these deceptive emails.
Once scammers have convinced users of the interaction’s legitimacy, they exploit the situation to persuade them to transfer funds.
The increasing sophistication of these scams illustrates both the emotional manipulation involved and the particular vulnerability of the victims. They demonstrate that centralized exchanges are often the primary platforms for these exploitations.
ZackXBT’s investigations and user reports on X reveal a gap between the extent of social engineering scams and Coinbase’s apparent management effectiveness.
Public discussions indicate that Coinbase has not flagged theft addresses in common compliance tools.
Victims of scams and users whose funds were frozen are urging Coinbase to take stronger action against this growing and costly issue. Understanding how these scams take place is essential to effectively addressing them.
How Are Coinbase Users Made Victims?
In January, a victim contacted the investigator after losing $850,000. In that instance, the scammer contacted the victim from a spoofed phone number, using personal information likely obtained from private databases to gain their trust.
5/ They then sent a spoofed email which appeared to be from Coinbase with a fake Case ID further gaining trust.
They instructed the victim to transfer funds to a Coinbase Wallet and whitelist an address while “support” verified their accounts security. pic.twitter.com/pOTQpnMfCz
The scammer convinced the victim that their account had suffered multiple unauthorized login attempts by sending them a spoofed email with a fake Case ID. The scammer then instructed the victim to safelist an address and transfer funds to another Coinbase wallet as part of a routine security procedure.
Last October, another Coinbase user lost $6.5 million after receiving a call from a spoofed number impersonating Coinbase support.
The victim was coerced into using a phishing site. Eight months earlier, another victim lost $4 million after a scammer convinced them to reset their Coinbase login.
ZachXBT raised concerns about Coinbase’s lack of reporting the theft addresses in common compliance resources and their perceived inadequate handling of the escalating social engineering issue.
In a conversation with BeInCrypto, Jeff Lunglhofer, Coinbase’s Chief Information Security Officer, shared his version of the events.
Coinbase CISO Addresses Social Engineering Scams
Despite Coinbase’s clear understanding of the widespread harm caused by social engineering scams affecting its users, Lunglhofer stressed that the broader crypto community should address this problem collectively rather than entrusting the responsibility to a single entity.
“In the context of the broader social engineering challenge that’s out there, of course, Coinbase customers are impacted. We’re keenly aware of it. We’ve been rolling [out] a number of control improvements to help protect our users, and, I think more importantly, we are working with the broader industry to bring these ideas and these control uplifts across the industry, across all crypto exchanges, across everything,” Lunglhofer told BeInCrypto.
Coinbase’s CISO referenced the exchange’s collaborative efforts with other platforms to combat this problem in his reply.
Specifically, Lunglhofer pointed to the “Tech Against Scams” initiative, a partnership with industry players like Match Group, Meta, Kraken, Ripple, and Gemini to fight online fraud and financial schemes.
Lunglhofer also added that Coinbase takes a similar approach when flagging theft addresses.
Why Coinbase Handles Theft Addresses Differently
When BeInCrypto asked Coinbase why it doesn’t publish theft addresses across popular compliance tools, Lunglhofer explained that the exchange has a different procedure for these scenarios.
“We will communicate with other exchanges directly [and] let them know the addresses that we’ve seen where assets have been withdrawn,” he said, adding that “when we see that there’s, in fact, fraudulent [activity], we will pull back all the wallets that are associated with the fraud and we’ll push those out to the other exchanges that we have communications with,” he said.
Lunglhofer also mentioned Crypto ISAC, an intelligence and information-sharing group established by Coinbase in collaboration with various other crypto exchanges and organizations to distribute information related to scams.
Coinbase’s Struggle Against the Flood of Spoofed Content
Lunglhofer admitted that the number of spoofed emails Coinbase identifies or receives in the form of reports far exceeds the exchange’s capacity to take them down.
“Regrettably, they’re a dime a dozen. I can open ten of them in five minutes. It’s super easy to do. So there’s not a lot we can do about that. But, when we identify them [or when] a customer reports them, we do have them taken down,” he said.
Coinbase uses vendors to eliminate circulating spoofs or phishing campaigns in those instances.
“We have several vendors that we use to do takedowns. So anytime we see a fraudulent phone number pop up, anytime we see a fraudulent URL [or] a fraudulent website get established, we will issue those for takedown. We’ll use our vendors to work with the DNS providers and others to bring those down as quickly as possible,” Lunglhofer told BeInCrypto.
Although these preventative measures are essential for the future, they provide minimal recourse for users who have already lost millions of dollars to scams.
Whose Responsibility Is It? User vs. Exchange
Coinbase did not respond to BeInCrypto’s inquiry about developing an insurance policy for users who lost savings to social engineering scams, leaving their approach in this area unclear.
Yet, social engineering scams are complex, relying on significant emotional manipulation to build trust. This complexity raises questions about the degree of responsibility that falls on user vulnerability versus potential shortcomings in the centralized exchange’s user protection measures.
The broader cryptocurrency community generally agrees that more educational materials are necessary to help users distinguish between legitimate communications and scam attempts.
Regarding this issue, Lunglhofer clarified that Coinbase will never call users out of the blue. He also noted that Coinbase has recently implemented different features that act as warnings for users potentially interacting with a scam.
Furthermore, the CISO cited a ‘scam quiz,’ an educational tool that appears as a real-time banner when a user is about to undertake a transaction flagged as suspicious by the exchange.
Though this feature is an advantage, its ability to protect users is hard to quantify, especially regarding how efficiently it flags suspicious activity. Coinbase did not respond when BeInCrypto asked if the exchange internally tracked data related to social engineering scams.
A similar issue arises with Coinbase’s ‘allow lists.’
The $850,000 Coinbase Loss
Coinbase offers a feature that enables users to create a safelist of approved recipient addresses to help prevent transactions to unfamiliar or unverified addresses. Lunglhofer strongly urges Coinbase users to adopt this measure.
“We offer every retail customer the ability to create ‘allow lists’ for wallets that they’re permitted to transfer assets to. On my personal account on Coinbase, I have ‘allow listing’ turned on, and I only have three wallets that are allowed,” Lunglhofer detailed.
However, the $850,000 scam loss suffered by a Coinbase user in January, as revealed by ZachXBT, shows a critical limitation of safelists.
Even after a victim adds a theft address, manipulation leading to this addition can still occur, thereby neutralizing the intended protection.
Can Coinbase Do More to Protect Users?
Sophisticated social engineering scams are a growing threat, creating significant challenges for crypto users. Coinbase users and centralized exchanges in general are particularly affected.
Despite Coinbase’s outlined efforts, the significant financial losses highlight the limitations of current industry-standard measures against determined scammers.
While cooperation is crucial across the board, Coinbase, as a leading platform, must also put more proactive efforts and resources into educating its users.
Social engineering is predominantly a user-driven issue, not a security failure for any exchange. Yet, platforms like Coinbase have the critical responsibility to lead industry-wide initiatives to address these threats.
The millions lost are a stark reminder that vigilance and collective action are paramount in safeguarding users against these increasingly refined and frequent attacks.
Despite the broader market uptick this week, Hedera’s native token HBAR has bucked the trend, registering a 5% decline over the past seven days.
With bearish momentum building, the HBAR token now risks a return to its year-to-date low.
HBAR Slides Below Key Indicators
HBAR’s decline comes as many top cryptocurrencies post modest gains this week, reflecting its divergence from general market sentiment.
Readings from the HBAR/USD one-day chart suggest that this bearish trend could persist in the short term. For example, as of this writing, HBAR trades below the dots that make up its Parabolic SAR (Stop and Reverse) indicator.
This indicator measures an asset’s price trends and identifies potential entry and exit points. When an asset’s price trades below the SAR, it indicates a downtrend. It suggests the market is in a bearish phase, with the potential for further price dips.
Supporting this bearish outlook, HBAR’s Chaikin Money Flow (CMF) remains in the negative territory, signaling a decline in buying volume and a growing presence of sellers in the market. It currently stands at -0.07.
This key momentum indicator measures money flows into and out of an asset. A negative CMF reading, like HBAR’s, signals that selling pressure dominates the market. This means that more investors are offloading the token than accumulating it, a pattern associated with a weakening price trend.
HBAR Tests 20-Day EMA: Will It Hold or Break Toward $0.12?
The daily chart shows HBAR’s decline has pushed it near the 20-day exponential moving average (EMA). This key moving average measures an asset’s average price over the past 20 trading days, giving weight to recent changes.
When the price falls near the 20-day EMA, it signals a potential support level being tested. However, if the price breaks decisively below the EMA, it may confirm sustained bearish momentum and further downside risk.
Therefore, HBAR’s break below the 20-day EMA could lower its price to its year-to-date low of $0.12.
The growing trend of public crypto treasuries has sparked a race among altcoins. Each one vies to be the top choice for companies and institutions looking to establish strategic reserves.
In this race, the XRP community offers several arguments highlighting XRP’s superiority. What are those arguments? This article dives in and explains.
More Companies are Listing XRP as a Treasury Asset
Recently, Webus International, a China-based company, filed Form 6-K with the U.S. Securities and Exchange Commission (SEC). The filing confirmed a plan to build a $300 million strategic reserve focused on XRP.
Webus is not alone. VivoPower International also announced a $121 million XRP reserve plan. Meanwhile, Wellgistics has invested $50 million in XRP.
According to a recent report from BeInCrypto, VivoPower also plans to acquire $100 million worth of XRP through BitGo’s over-the-counter (OTC) desk.
This company just filed for a $300 million dollar XRP reserve.
What’s going on here? Why are companies doing this?
Most people will see this and think its primarily about price speculation but that’s not really the key thing that is happening here — the real strategy here is… pic.twitter.com/6plq0W8Tmm
These actions suggest that large companies worldwide increasingly view XRP as a strategic financial reserve asset.
What Drives Businesses to Choose XRP for Strategic Reserves?
Companies choose Bitcoin as a strategic reserve because they believe in its value-storing capability during inflation. But what motivates them to select altcoins instead?
Altcoins are more volatile and often depend heavily on the transparency and actions of their development teams.
Each altcoin offers a unique value proposition. XRP’s supporters believe they have solid reasons to trust it.
Austin King, co-founder of OmniFDN, suggests that companies might want to integrate XRP into their international payment systems.
They believe XRP’s fast transaction speed and low cost make it ideal for cross-border payments. This could help businesses improve financial efficiency and enhance transparency in global services, like Webus’s ride-hailing platform.
“Most people will see this and think it’s primarily about price speculation, but that’s not really the key thing that is happening here — the real strategy here is to latch onto these rapidly growing crypto networks to share in their growth,” said Austin King.
Analyst Pumpius offers another perspective. He believes this is not just speculation but a strategy to practically leverage the XRP ecosystem. One key development is the integration of RLUSD—Ripple’s stablecoin—into Ripple’s payment solutions.
“XRP isn’t being treated as a crypto — but as an asset for settlement architecture. Webus isn’t betting on price. They’re betting on utility,” Pumpius said.
These arguments are gaining traction, especially as experts predict the GENIUS Act will likely pass. If approved, it could pave the way for RLUSD’s growth.
As of June 2025, RLUSD has a market cap of $369 million. It is designed to support fast, low-cost cross-border transactions, complementing XRP and helping build a more robust financial ecosystem.
Every transaction using RLUSD on the XRP Ledger (XRPL) requires XRP as a transaction fee. This gradually reduces the supply of XRP, which could drive its long-term value.
What are the Risks of Holding XRP as a Strategic Reserve?
Still, XRP remains a highly volatile digital asset. Its price history reveals it dropped over 80% in two major downturns: 2018 and 2021. This raises serious concerns for companies using XRP as part of a strategic reserve.
XRP Price Volatility Over the Past Three Months. Source: BeInCrypto