Puerto Rico Crypto Victim Sues Coinbase Over $55M in Frozen Hack Funds

A Puerto Rican man lost $55 million in crypto. He tracked the money to Coinbase. Now the exchange won’t give it back without a court order, and he’s suing.

The plaintiff, identified in court documents only as “D.B.,” filed the lawsuit Monday in California. He’s going after Coinbase for holding onto his stolen cryptocurrency and refusing to return it, even after he proved the funds belonged to him. The case landed in court just over eight months after the hack wiped out his holdings in a single day.

How the Hack Went Down

D.B. clicked a malicious link on August 20, 2024. The link looked like it came from DefiSaver, a legitimate Ethereum DeFi tool that plenty of crypto users trust. It didn’t. The fake site gave hackers access to his wallets, and they drained everything—mostly DAI stablecoin.

The stolen funds didn’t sit still. Hackers pushed the DAI through Tornado Cash, a crypto mixing service that obscures transaction trails. From there, the money landed in accounts at Coinbase. The lawsuit says the thieves later converted DAI into ether, adding another layer to an already complicated mess.

D.B.’s team managed to trace the funds. His agents, Zero Shadow and Five Stones, contacted Coinbase and got the exchange to freeze a retail account holding the stolen crypto. But Coinbase wouldn’t release the money. The company wanted a court order first, despite D.B. providing sworn statements proving he owned the funds.

Five Counts Against Coinbase

The lawsuit hits Coinbase with five separate counts. One of them is unjust enrichment—D.B. thinks the exchange probably made money by holding onto his crypto all these months. The legal filing wants any profits Coinbase earned from the frozen funds returned to him.

He’s also asking for a court declaration that he’s the rightful owner. Pretty straightforward stuff, but it hasn’t been enough to get Coinbase to move. The lawsuit seeks a constructive trust over the disputed assets, a legal mechanism that would ensure any gains from the withheld funds flow back to D.B.

Coinbase hasn’t said anything publicly about the case. Reached for comment, the company didn’t respond. The exchange is sticking to its position—no court order, no release.

The timing lines up with a $55 million DAI draining incident reported in late August 2024. Security researchers tied that hack to malware called “Inferno Drainer,” which had been circulating in crypto circles for months. The malware manipulates smart contracts, tricking victims into authorizing transactions they never intended to approve.

Unknown Hackers and a Ukrainian Suspect

D.B. isn’t just suing Coinbase. He filed seven counts against an unknown hacker or group of hackers, referred to in court documents as John Doe. The charges include fraud, theft, and racketeering. That last one is serious—it suggests organized criminal activity, not just a lone actor.

See also: CFTC Ruling on Kalshi and Coinbase-Backed Prediction Markets Could Reshape Crypto Betting

The lawsuit names a Ukrainian individual, Oleksiy Oleksandrovych Goreliikhin, as someone who played a role in laundering the stolen funds. No details on how investigators identified him or what evidence connects him to the case. But the mention adds an international dimension to what’s already a tangled web of crypto crime.

Phishing attacks like this one keep hitting DeFi users. The methods get more sophisticated each year. Inferno Drainer wasn’t the first malware to target crypto wallets, and it won’t be the last. Users click links that look legitimate, enter their credentials, and boom—wallets empty in minutes.

Tracing stolen crypto is hard enough. Getting it back is harder. Even when victims can follow the money through the blockchain and pinpoint exactly where it ended up, exchanges often won’t release funds without legal backing. Coinbase’s position isn’t unusual in the industry, but it puts victims in a tough spot. They can see their money sitting there, frozen, and can’t touch it.

D.B.’s legal team is pushing for a ruling that would force Coinbase to hand over the funds. Without that court order, the exchange keeps holding the crypto. The situation sits in limbo—frozen accounts, frozen legal proceedings, everything waiting on a judge’s decision.

The use of Tornado Cash in the laundering process complicates recovery efforts. Mixing services scramble transaction histories, making it tough for investigators to build a clear picture of where funds moved and who controlled them at each step. By the time the DAI hit Coinbase, it had passed through enough hands and wallets that untangling the chain took serious forensic work.

The lawsuit’s focus on unjust enrichment is interesting. D.B.’s lawyers think Coinbase benefited financially from holding the frozen assets. Maybe the exchange earned interest, maybe it used the funds in some other way—the filing doesn’t specify. But the claim suggests Coinbase did more than just freeze the account and walk away.

See also: Law Firm Fights to Keep $134M in ETH Tied to Kelp Hack Frozen

The seven counts against John Doe cover a lot of ground. Fraud and theft are obvious, but racketeering implies a pattern of criminal activity, possibly involving multiple people working together. The lawsuit treats the hack as part of a larger operation, not an isolated incident.

Identifying Goreliikhin as a suspect in the laundering operation raises questions about how international these crypto crimes really are. If a Ukrainian national helped move stolen funds through various services before they landed at a U.S. exchange, that’s a jurisdictional nightmare for prosecutors. Different countries, different laws, different levels of cooperation between authorities.

The case shows how vulnerable DeFi users remain to phishing attacks. DefiSaver is a real tool, widely used, and the hackers knew that. They built a convincing fake, waited for someone to click, and stole $55 million in a single day. D.B. wasn’t the only victim of Inferno Drainer—security firms reported multiple incidents involving the malware around the same time.

Coinbase’s refusal to release the funds without a court order protects the exchange from liability, but it leaves victims stuck. D.B. proved ownership, his agents traced the funds, and Coinbase froze the account. Now everyone waits for a judge to decide what happens next.

Hub: DAI price, news, and analysis