The GENIUS Act, a bill of proposed new stablecoin regulations for the US, is up for a Senate vote today. Still, its chances of success remain uncertain, as Democratic opposition remains high.
Democrats on the Senate Banking Committee released harsh criticism of the bill, and their staffers also circulated a scathing letter co-signed by 46 advocacy groups. This blowback took place despite recent bipartisan amendments.
However, this vote failed, and the Act currently faces a make-or-break chance to win again or start over:
“IMO, If the GENIUS Act doesn’t pass the Senate, there will be no meaningful legislation involving crypto before the midterms and, unfortunately, midterms historically go against the party in power. If they can’t get this passed, a more complex Market Structures Bill is highly unlikely… not to mention crypto-related tax legislation or consumer protections,” claimed crypto advocate John Deaton.
Reports claim that the GENIUS Act’s next chance will take place today as part of Senate proceedings that will begin at 3 PM EST.
The crypto industry is strongly in favor of these regulations, with advocacy groups and business leaders both saluting the bill. However, it may not be that easy for one clear reason: stiff Democratic opposition.
Despite some initial support, Congressional Democrats turned on the GENIUS Act due to concerns of legalized corruption and unfair business practices.
Last week, legislators proposed a few bipartisan amendments that would severely handcuff the bill with Big Tech exclusions and new enforcement mechanisms. It’s looking like that may not be enough.
According to several reports, the Senate Banking Committee’s Democrats released a scathing review of the GENIUS Act, and staffers also circulated a hostile letter co-signed by 46 different advocacy groups. These measures don’t necessarily reflect the bill’s chances of success, but they do highlight real opposition.
Democratic staff on the Senate Banking Committee sent around a letter this AM signed by several dozen advocacy orgs opposing the GENIUS Act.
Includes ACRE, AFR, Center for Responsible Lending, Our Revolution, Public Citizen, Tech Oversight Project… pic.twitter.com/pragFvzSKB
— Brendan Pedersen (@BrendanPedersen) May 19, 2025
These criticisms focused on a few key deficiencies. First of all, the GENIUS Act’s amendments would prevent publicly traded Big Tech companies from issuing stablecoins.
However, they wouldn’t stop private firms, notably including Elon Musk’s X. This is one of several alleged loopholes that could eventually lead to blurred lines between banking and commerce.
The letters also address consumer protection in the event of an issuer’s collapse. Considering that Tether and most other prominent stablecoin issuers aren’t US-based, critics worry that the GENIUS Act won’t guarantee users’ assets.
Most of the other concerns were adjacent to these major topics, worrying that the Act is wholly insufficient.
To be clear, it might still pass despite this opposition. The Senate Banking Committee and its allies clearly hate the GENIUS Act, but other Democrats might have a more favorable view. At the moment, we can only wait and see how the vote turns out.
BioNexus Gene Lab Corp, a Wyoming-based healthcare technology company, has become the first Nasdaq-listed company to adopt Ethereum (ETH) as its primary treasury asset.
The announcement was made on March 5. It was accompanied by the release of a strategic whitepaper detailing the company’s rationale for prioritizing Ethereum over Bitcoin (BTC).
“Ethereum offers high liquidity, utility, and stability compared to other digital assets, positioning BGLC as a leader in blockchain-integrated corporate finance,” CEO Sam Tan said.
The company’s whitepaper emphasizes the preference for Ethereum due to its broader utility, significant institutional adoption, and key features that make it ideal for corporate treasury management.
BioNexus also pointed to Ethereum’s institutional credibility. Major financial players like BlackRock, Grayscale, and Fidelity have embraced Ethereum. This lends it legitimacy, which the company believes will ensure its long-term viability.
With growing institutional adoption and real-world applications like tokenized assets and decentralized payments, the company believes Ethereum is set to lead the future of corporate finance.
“We believe Ethereum is more than a digital asset—it is a new financial paradigm. BGLC’s commitment to an Ethereum-first treasury strategy underscores our confidence in its stability, institutional growth, and transformative potential,” the whitepaper read.
Nonetheless, the move comes at a tumultuous time for Ethereum. ETH’s market performance has been shaky, with its value continuously declining since early December.
Over the past month alone, ETH has shed 15.8% of its gains. At press time, it traded at $2,293. As per BeInCrypto data, this represented a slight appreciation of 3.3% over the past day.
Meanwhile, Ethereum ETFs have also majorly recorded outflows since February 20, with the exception of March 4. According to data from SoSo Value, on March 5, the total outflows were recorded at $63.3 million. The outflow was from Grayscale Ethereum Trust (ETHE). Furthermore, other ETFs saw no flows at all.
Social engineering scams are on the rise, and these exploits have particularly targeted Coinbase users throughout the first quarter of 2025. According to a series of investigations by ZachXBT, users have lost over $100 million in funds since December 2024, while annual losses reached $300 million.
After sorting through the complaints made by different users, BeInCrypto spoke with Coinbase Chief Information Security Officer (CISO) Jeff Lunglhofer to understand what makes users vulnerable to these kinds of attacks, how they happen, and what’s being done to stop them.
Gauging the Seriousness of Scams Affecting Coinbase Users
Throughout the first quarter of 2025, several Coinbase users fell victim to social engineering scams. As the leading centralized exchange in a sector where hacks are becoming more sophisticated with time, this reality is no surprise.
In a recent investigation, Web3 researcher ZachXBT reported on several messages he received from different X users who had suffered major withdrawals from their Coinbase accounts.
1/ Over the past few months I imagine you have seen many Coinbase users complain on X about their accounts suddenly being restricted.
This is the result of aggressive risk models and Coinbase’s failure to stop its users losing $300M+ per year to social engineering scams. pic.twitter.com/PjtX7vmjqc
On March 28, ZachXBT revealed a significant social engineering exploit that cost one individual close to $35 million. The crypto sleuth’s further investigations during that period uncovered additional victims of the same exploit, pushing the total stolen in March alone to more than $46 million.
In a separate investigation concluded a month earlier, ZachXBT revealed that $65 million was stolen from Coinbase users between December 2024 and January 2025. He also reported that Coinbase has been quietly grappling with a social engineering scam issue costing its users $300 million a year.
While Coinbase users have been particularly vulnerable to social engineering scams, centralized exchanges, in general, have also been significantly impacted by these increasingly sophisticated attacks.
How Does The Broader Context Reflect This Situation?
Public data regarding the evolution of social engineering scams in recent years is limited and somewhat outdated. Yet, the numbers in the available reports are staggering.
In 2023, the Internet Crime Complaint Center (IC3) under the US Federal Bureau of Investigation (FBI) released its first-ever cryptocurrency report. Investment fraud constituted the largest category of cryptocurrency-related complaints, representing 46% of the nearly 69,500 complaints received, or approximately 33,000 cases.
The FBI’s IC3 reported an increase in crypto-related scams in 2023. Source: IC3.
Investment fraud, or pig butchering, involves false promises of high returns with low risk to lure investors, especially crypto newcomers driven by a fear of missing out on significant gains.
According to the IC3 report, these schemes rely on social engineering and building trust. Criminals use platforms like social media, dating apps, professional networks, or encrypted messaging to connect with their targets.
In 2023, these investment scams resulted in losses of $3.96 billion for users, representing a 53% increase from the previous year. Other social engineering scams, like phishing and spoofing, further constituted $9.6 million in losses.
Coinbase scammers tend to create fake emails that appear legitimate using cloned website images and false Case IDs. They then contact users through spoofed calls, leveraging private information to build trust before sending them these deceptive emails.
Once scammers have convinced users of the interaction’s legitimacy, they exploit the situation to persuade them to transfer funds.
The increasing sophistication of these scams illustrates both the emotional manipulation involved and the particular vulnerability of the victims. They demonstrate that centralized exchanges are often the primary platforms for these exploitations.
ZackXBT’s investigations and user reports on X reveal a gap between the extent of social engineering scams and Coinbase’s apparent management effectiveness.
Public discussions indicate that Coinbase has not flagged theft addresses in common compliance tools.
Victims of scams and users whose funds were frozen are urging Coinbase to take stronger action against this growing and costly issue. Understanding how these scams take place is essential to effectively addressing them.
How Are Coinbase Users Made Victims?
In January, a victim contacted the investigator after losing $850,000. In that instance, the scammer contacted the victim from a spoofed phone number, using personal information likely obtained from private databases to gain their trust.
5/ They then sent a spoofed email which appeared to be from Coinbase with a fake Case ID further gaining trust.
They instructed the victim to transfer funds to a Coinbase Wallet and whitelist an address while “support” verified their accounts security. pic.twitter.com/pOTQpnMfCz
The scammer convinced the victim that their account had suffered multiple unauthorized login attempts by sending them a spoofed email with a fake Case ID. The scammer then instructed the victim to safelist an address and transfer funds to another Coinbase wallet as part of a routine security procedure.
Last October, another Coinbase user lost $6.5 million after receiving a call from a spoofed number impersonating Coinbase support.
The victim was coerced into using a phishing site. Eight months earlier, another victim lost $4 million after a scammer convinced them to reset their Coinbase login.
ZachXBT raised concerns about Coinbase’s lack of reporting the theft addresses in common compliance resources and their perceived inadequate handling of the escalating social engineering issue.
In a conversation with BeInCrypto, Jeff Lunglhofer, Coinbase’s Chief Information Security Officer, shared his version of the events.
Coinbase CISO Addresses Social Engineering Scams
Despite Coinbase’s clear understanding of the widespread harm caused by social engineering scams affecting its users, Lunglhofer stressed that the broader crypto community should address this problem collectively rather than entrusting the responsibility to a single entity.
“In the context of the broader social engineering challenge that’s out there, of course, Coinbase customers are impacted. We’re keenly aware of it. We’ve been rolling [out] a number of control improvements to help protect our users, and, I think more importantly, we are working with the broader industry to bring these ideas and these control uplifts across the industry, across all crypto exchanges, across everything,” Lunglhofer told BeInCrypto.
Coinbase’s CISO referenced the exchange’s collaborative efforts with other platforms to combat this problem in his reply.
Specifically, Lunglhofer pointed to the “Tech Against Scams” initiative, a partnership with industry players like Match Group, Meta, Kraken, Ripple, and Gemini to fight online fraud and financial schemes.
Lunglhofer also added that Coinbase takes a similar approach when flagging theft addresses.
Why Coinbase Handles Theft Addresses Differently
When BeInCrypto asked Coinbase why it doesn’t publish theft addresses across popular compliance tools, Lunglhofer explained that the exchange has a different procedure for these scenarios.
“We will communicate with other exchanges directly [and] let them know the addresses that we’ve seen where assets have been withdrawn,” he said, adding that “when we see that there’s, in fact, fraudulent [activity], we will pull back all the wallets that are associated with the fraud and we’ll push those out to the other exchanges that we have communications with,” he said.
Lunglhofer also mentioned Crypto ISAC, an intelligence and information-sharing group established by Coinbase in collaboration with various other crypto exchanges and organizations to distribute information related to scams.
Coinbase’s Struggle Against the Flood of Spoofed Content
Lunglhofer admitted that the number of spoofed emails Coinbase identifies or receives in the form of reports far exceeds the exchange’s capacity to take them down.
“Regrettably, they’re a dime a dozen. I can open ten of them in five minutes. It’s super easy to do. So there’s not a lot we can do about that. But, when we identify them [or when] a customer reports them, we do have them taken down,” he said.
Coinbase uses vendors to eliminate circulating spoofs or phishing campaigns in those instances.
“We have several vendors that we use to do takedowns. So anytime we see a fraudulent phone number pop up, anytime we see a fraudulent URL [or] a fraudulent website get established, we will issue those for takedown. We’ll use our vendors to work with the DNS providers and others to bring those down as quickly as possible,” Lunglhofer told BeInCrypto.
Although these preventative measures are essential for the future, they provide minimal recourse for users who have already lost millions of dollars to scams.
Whose Responsibility Is It? User vs. Exchange
Coinbase did not respond to BeInCrypto’s inquiry about developing an insurance policy for users who lost savings to social engineering scams, leaving their approach in this area unclear.
Yet, social engineering scams are complex, relying on significant emotional manipulation to build trust. This complexity raises questions about the degree of responsibility that falls on user vulnerability versus potential shortcomings in the centralized exchange’s user protection measures.
The broader cryptocurrency community generally agrees that more educational materials are necessary to help users distinguish between legitimate communications and scam attempts.
Regarding this issue, Lunglhofer clarified that Coinbase will never call users out of the blue. He also noted that Coinbase has recently implemented different features that act as warnings for users potentially interacting with a scam.
Furthermore, the CISO cited a ‘scam quiz,’ an educational tool that appears as a real-time banner when a user is about to undertake a transaction flagged as suspicious by the exchange.
Though this feature is an advantage, its ability to protect users is hard to quantify, especially regarding how efficiently it flags suspicious activity. Coinbase did not respond when BeInCrypto asked if the exchange internally tracked data related to social engineering scams.
A similar issue arises with Coinbase’s ‘allow lists.’
The $850,000 Coinbase Loss
Coinbase offers a feature that enables users to create a safelist of approved recipient addresses to help prevent transactions to unfamiliar or unverified addresses. Lunglhofer strongly urges Coinbase users to adopt this measure.
“We offer every retail customer the ability to create ‘allow lists’ for wallets that they’re permitted to transfer assets to. On my personal account on Coinbase, I have ‘allow listing’ turned on, and I only have three wallets that are allowed,” Lunglhofer detailed.
However, the $850,000 scam loss suffered by a Coinbase user in January, as revealed by ZachXBT, shows a critical limitation of safelists.
Even after a victim adds a theft address, manipulation leading to this addition can still occur, thereby neutralizing the intended protection.
Can Coinbase Do More to Protect Users?
Sophisticated social engineering scams are a growing threat, creating significant challenges for crypto users. Coinbase users and centralized exchanges in general are particularly affected.
Despite Coinbase’s outlined efforts, the significant financial losses highlight the limitations of current industry-standard measures against determined scammers.
While cooperation is crucial across the board, Coinbase, as a leading platform, must also put more proactive efforts and resources into educating its users.
Social engineering is predominantly a user-driven issue, not a security failure for any exchange. Yet, platforms like Coinbase have the critical responsibility to lead industry-wide initiatives to address these threats.
The millions lost are a stark reminder that vigilance and collective action are paramount in safeguarding users against these increasingly refined and frequent attacks.
As the crypto space continues to mature, users are looking for more than just exchange to trade. They want smarter tools that not only facilitate transactions but also put their assets to work.
This shift in demand has given rise to Figure Markets, a pioneering zero-fee crypto exchange and Earn & Borrow hub that is redefining the way users engage with their digital wealth. Through innovative products like Forward Vault (offering up to 8% APY), and Demo Prime where users can lend cash or crypto to other traders and have the opportunity to earn up to 10%, Figure Markets combines exclusive opportunities with zero trading fees to help users grow and diversify their portfolios effortlessly.
Figure Markets is a blockchain-native trading platform built on Provenance Blockchain, combining DeFi benefits with institutional-grade compliance and transparency.
Founded in 2024 by Mike Cagney, former CEO of SoFi and Figure Lending, it represents the next evolution of capital markets, merging traditional finance rigor with blockchain innovation.
With Provenance already trusted for over $30 billion in real-world transactions, Figure Markets is designed to bridge the gap between Web2 finance and Web3 opportunity.
Where Speed, Self-Custody, and Real-World Yield Meet
At its core, Figure Markets is built for speed, security, and user ownership. Trades are matched off-chain for lightning-fast execution, but settled transparently on-chain through Provenance, meaning every trade issues a Security Entitlement (SE), a legally-compliant, tokenized proof of ownership you actually control. Not just a database entry, but a real on-chain asset backed by law.
The platform charges 0% trading fees on a curated set of major assets — BTC, ETH, SOL, LINK, UNI, and USDC, removing a major cost barrier for active traders. Combined with fast settlement and MPC-based self-custody (where no single party ever holds your keys), Figure lets you trade and hold crypto on your terms.
The true value of Figure Markets reveals itself after the trade, where users gain access to an integrated ecosystem of yield-generating opportunities. Through Forward Vault, they can allocate idle crypto into structured real-world yield strategies, earning up to 8% APY without taking on speculative risk.
For users looking to generate passive income without active trading exposure, Demo Prime provides a gateway to margin lending returns, turning dormant assets into productive capital. Meanwhile, Figure’s crypto-backed loans allow holders of BTC and ETH to unlock fiat liquidity against their portfolios without needing to liquidate core positions, preserving their upside potential. Finally, investors seeking diversified, real-world returns can look forward to participating in their on-chain stocks coming soon! Users of the platform will be able to Buy/Sell traditional stocks and utilize this with crypto simultaneously.
Whether you’re an active trader seeking fee-free execution, a long-term holder wanting to unlock liquidity without selling, or an institution needing transparent custody and compliance-ready operations, Figure Markets isn’t just another exchange. It’s a platform where your assets grow, move, and work, fully on-chain, fully under your control.
Trading Without Losing Custody
On most centralized exchanges, true ownership of assets is unclear, you deposit, trade, but don’t fully control your holdings. Figure Markets changes that.
With decentralized MPC custody, private keys are never stored in one place, offering enhanced security and keeping you in control. Your assets are also never locked away. They can be used as collateral across the platform, enabling you to leverage your holdings while maintaining full access and visibility.
Liquidity, But Not At The Cost of Transparency
Exchanges live and die by liquidity and Figure doesn’t pretend otherwise. What’s impressive is how it maintains liquidity without sacrificing decentralization.
Through a hybrid model, Figure offers the seamlessness of off-chain matching (for speed and volume), but settles trades transparently on-chain. Each asset movement is verifiable through the Provenance Blockchain and linked to the unique SE tokens that represent them.
You get public auditability, fast execution, and best of all, you retain custody. For active traders, that means performance without counterparty anxiety. For long-term holders, it means clarity and yield opportunities on the same stack.
And because it operates with both USD and USDC pairs, it’s friendly to fiat rails, with ACH and wire support built-in which mean no third-party workarounds or off-platform gymnastics.
An Exchange That Respects Regulation Without Becoming Bureaucratic
Crypto’s relationship with regulation has often been reactive, antagonistic, or simply evasive. Figure Markets takes a very different path, it builds with regulation in mind from the start.
It’s the same team that successfully registered YLDS, a yield-bearing stablecoin, with the SEC, marking a groundbreaking achievement as the first stablecoin to receive SEC approval. This commitment to compliance isn’t just an exception, it’s the foundation of Figure Markets’ entire approach.
By issuing security entitlements and adhering to U.S. regulatory frameworks, Figure Markets stands as a blueprint for compliant, transparent DeFi. The platform operates under a regulated broker-dealer and SEC-registered ATS structure, signaling its commitment to integrating traditional finance compliance with blockchain innovation.
With its U.S. headquarters and clear legal structure, Figure offers users not just a crypto exchange, but a model for regulated digital finance. Its regulatory clarity, coupled with features like decentralized custody and margin-free collateralization, underscores its dedication to building a sustainable, long-term infrastructure that works with regulators, not around them. While that means proper KYC procedures, it also means you’re trading on a platform built for the future, a platform that’s here for the long haul, beyond just the next bull run.
Demo Prime: Passive Margin Lending for Consistent Returns
Demo Prime provides a simple and effective way for users to earn up to 11.9% annually by lending their USD, crypto, or stablecoins to margin traders. The beauty of Demo Prime lies in the fact that you don’t need any trading experience or market knowledge to participate. By engaging in risk-managed lending, you’re lending your assets to traders who use them for margin trading, but your returns are not dependent on market performance, ensuring a steady source of income.
The platform backs the lending activity with collateral, reducing the risk involved for lenders and ensuring your funds are protected. With transparent lending terms, you’ll know exactly what to expect in terms of returns, fees, and duration, giving you peace of mind as you grow your assets. Whether the market is bullish or bearish, your earnings are based on margin activity, providing predictable returns and consistent income.
Not Just an Exchange, It Is A Portal Into On-Chain Finance
Where Figure Markets really departs from its competitors is in what happens after the trade. Most exchanges want to keep you cycling trades, chasing the next pump. Figure does the opposite, it invites you to put your assets to work.
You can move idle funds into Forward Vault, where they’re allocated into structured, real-world yield strategies, turning passive holdings into productive capital.
If you’re looking for returns without the grind of active trading, Demo Prime offers access to margin lending yields, all without lifting a finger.
And if you need liquidity but don’t want to sell your Bitcoin or Ethereum, you can tap into crypto-backed loans, unlocking fiat value while still holding onto your upside.
None of these require transferring assets off-platform. No bridges, no re-verifications, no extra wallets. Because Figure is built as a modular ecosystem, your exchange wallet is your earning wallet, your borrowing wallet, your real-world yield wallet, all in one place.
That’s not a trading platform. That’s finance rebuilt on-chain.