Security Alert! SlowMist Founder and ZachXBT Flag Coinbase’s Seed Phrase Page

A new security controversy has emerged around Coinbase after cybersecurity experts flagged a page that asks users to enter their seed phrases directly. The page appears to be part of Coinbase’s ongoing transition from its Commerce platform to Coinbase Business. The deadline for this transition is set for March 31, 2026.

As part of this migration, users are given the option to recover or transfer funds. However, one method requires users to input their 12-word seed phrase directly into a web interface.

Controversial Recovery Tool Sparks Alarm

The founder of SlowMist posted screenshots of the page, publicly questioning why Coinbase would request such sensitive information in plain text. He described the feature as “unbelievable”, raising fresh discussions about user safety and platform responsibility.

Shortly after, blockchain investigator ZachXBT amplified the concern. He warned that the page could become a powerful tool for attackers looking to exploit users through social engineering. This is because the requirement goes against one of the most basic rules in crypto security.

A seed phrase acts as the master key to a wallet. Anyone who gains access to it can control all the funds inside. For years, experts have repeatedly warned against sharing seed phrases online. However, this new workflow appears to contradict that advice.

Therefore, security experts stress that attackers could replicate the interface or create convincing fake versions to trick users. In fact, they warn that such a setup could act as a “blueprint” for phishing campaigns, especially as social engineering attacks continue to evolve.

Rising Risk of Social Engineering Attacks

Social engineering remains one of the most effective attack methods in crypto, often bypassing technical safeguards by targeting human behavior. Over the past year, multiple investigations have linked millions of dollars in losses to scams. In these cases, users were manipulated into sharing seed phrases or transferring funds under false pretenses.

Moreover, the timing adds urgency. As Coinbase pushes toward its migration deadline, more users may interact quickly without verifying links or processes. This sense of urgency is exactly what scammers exploit.

Consequently, the situation highlights a deeper issue in crypto security. Even legitimate platforms can unintentionally create risky habits if their design contradicts long-standing safety principles. In the meantime, experts strongly urge users to avoid entering seed phrases on any website. They recommend relying on safer, offline recovery options.

The post Security Alert! SlowMist Founder and ZachXBT Flag Coinbase’s Seed Phrase Page appeared first on CoinTab News.