Coinbase Loses $300K After MEV Bots Exploit Token Approval
On August 13, security researcher Deebeez revealed that Coinbase’s corporate wallet mistakenly approved Amp (AMP), DEXTools (DEXT), MyOneProtocol (MYONE) and Swell Network (SWELL) to the permissionless 0x swapper contract after a configuration change. MEV bots then exploited the arbitrary call feature and drained about $300,000 within seconds. Coinbase said no customer funds were affected. The exchange has revoked the approvals, moved remaining assets to secure wallets and is reviewing internal approval procedures. The incident underscores the need for robust smart-contract security in DeFi—isolated wallets, approval limits and quick revocation—to prevent MEV exploits.
Neutral
The incident involves only company assets and a relatively small $300,000 loss, so it is unlikely to affect the wider crypto market or Coinbase’s stock materially. In the short term, traders may note heightened security risks around corporate wallets but customer confidence remains intact since no user funds were lost. Over the long term, Coinbase’s swift response—revoking approvals, securing assets and reviewing procedures—should strengthen trust in its security posture. Overall, the news is neutral for market prices of the tokens involved.