Finance
Share this article

Coinbase Mispricing Allows Users in Georgia to Cash Out for 100 Times Rate

The bug saw Georgia's national currency, the lari (GEL), priced at $290 rather than $2.90.

By Jamie Crawley
Updated May 11, 2023, 4:15 p.m. Published Sep 2, 2022, 10:24 a.m.
jwp-player-placeholder

Coinbase (COIN) users in the Eastern European country of Georgia were able to exploit a price bug that allowed them to cash out their holdings for 100 times the exchange rate, pocketing thousands of dollars in profit.

  • Georgia's national currency, the lari (GEL), was priced at $290 rather than $2.90 on Wednesday. In an email to CoinDesk, Coinbase attributed the missed decimal point to "a third-party technical issue."
  • The error allowed users holding $100 worth of lari on Coinbase to withdraw it to their bank account for $10,000.
  • Some users who were able to take advantage reported that their bank accounts and debit cards were frozen by their banks after transferring their funds to them, which Coinbase said was not at its behest.
  • Coinbase said the issue was exploited by 0.001% of its total users, or about 1,000 customers.
  • While the size of the crypto exchange's loss hasn't been disclosed, a spokesperson described it as "a small non-material amount."
  • "We fixed the issue and and are taking action to retrieve the improperly withdrawn funds,” the spokesperson said.
  • The mispricing was reported earlier by Blockworks.

Read more: Crypto-Exchange Coinbase Stock Is Not Out of the Woods as Market Uncertainty Hovers

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms & conditions and privacy policy.
CoinbaseGeorgiaEurope

More For You

Specialized AI detects 92% of real-world DeFi exploits

By Oliver Knight, AI Boost|Edited by Stephen Alpher
20 hours ago
hackers (Modified by CoinDesk)

New research claims specialized AI dramatically outperforms general-purpose models at detecting exploited DeFi vulnerabilities.

What to know:

  • A purpose-built AI security agent detected vulnerabilities in 92% of 90 exploited DeFi contracts ($96.8 million in exploit value), compared with 34% and $7.5 million for a baseline GPT-5.1-based coding agent running on the same underlying model.
  • The gap came from domain-specific security methodology layered on top of the model, not differences in core AI capability, according to the report.
  • The findings come as prior research from Anthropic and OpenAI shows AI agents can execute end-to-end smart contract exploits at low cost, accelerating concerns that offensive AI capabilities are scaling faster than defensive adoption.
Read full story