Phishers Meet Their Match: Operation Atlantic Freezes $12M, Flags $45M in Approval Phishing Haul

In what can only be described as a very bad week for scammers, Coinbase, Binance, and a handful of government agencies just pulled off a crypto heist of their own—the legal kind. Nobody said crime doesn't pay, but apparently, it does pay... in subpoenas.

Operation Atlantic, a week-long investigative sprint hosted by the U.K.'s National Crime Agency in London, flagged $45 million in stolen crypto and froze $12 million with the goal of returning funds to victims. More than 20,000 approval phishing victims were identified during the operation. That's 20,000 people who probably clicked "approve" one too many times and now have a very expensive lesson in wallet security.

"To take on approval phishing at scale, our Global Intelligence team joined forces with multiple international law enforcement agencies and other partners for a focused operational sprint," Coinbase explained. "The goal was straightforward: identify victims, trace stolen funds, and disrupt the infrastructure that makes approval phishing possible—as fast as we could." Translation: we found the scammers' candy store and locked the doors while they were still counting the loot.

The Secret Service, NCA, Chainalysis, Kraken, and Tether all participated. Over 120 web domains used in the schemes were identified. That's 120 phishing sites doing the digital equivalent of standing outside a bank in a fake mustache. Except these guys didn't even have the decency to wear disguises—they just copied-pasted malicious contract approvals and waited for degens to hand over the keys.

"With traditional financial crimes, this kind of cross-border, multi-agency coordination would take months," Coinbase noted. "With blockchain technology, we moved from identification to action in a single week-long sprint." Imagine if traditional banks could move this fast. Actually, don't— you'll only make yourself sad.

The timing: just over a week after alleged North Korean hackers allegedly made off with around $285 million via a Solana protocol exploit. Nothing says "we mean business" like catching small-time phishers while the Lazarus Group is out there living its best life with $285M in SOL. Classic law enforcement—chasing the parking meter violators while the Ferrari theft happens in the next lane.

Meanwhile, crypto fraud keeps climbing. Americans reported $11.366 billion in crypto-related losses in 2025—a 22% jump year-over-year. The FBI's IC3 received 181,565 crypto-related complaints last year, up 21%. That's a lot of people learning that the only thing more dangerous than a smart contract is their own finger hovering over the "approve" button.

NCA Deputy Director Miles Bronfield called it "a powerful example of what is possible when international agencies and private industry work side by side." And by "work side by side," we mean "share enough coffee and chain数据分析 to make scammers wish they'd picked a different career."