‘Operation Atlantic’: US and UK Team With Firms to Trace, Freeze Millions in Stolen Crypto

Crypto firms like Coinbase and Binance, alongside government agencies like the United States Secret Service and the U.K.’s National Crime Agency (NCA), have flagged $45 million in stolen crypto funds as part of fraud schemes, the parties announced on Thursday. 

In the probe, more than 20,000 victims of approval phishing fraud were identified, and $12 million in funds were frozen in the hopes of returning funds to victims.

“To take on approval phishing at scale, our Global Intelligence team joined forces with multiple international law enforcement agencies and other partners for a focused operational sprint held at the National Crime Agency’s headquarters in London,” Coinbase wrote. 

“The goal was straightforward: identify victims, trace stolen funds, and disrupt the infrastructure that makes approval phishing possible—as fast as we could,” it added. 

The investigative sprint, dubbed “Operation Atlantic,” was first revealed last month and was hosted by the NCA at its headquarters in London. In a week of focused work there, the agencies disrupted “multiple fraud networks,” and will continue to analyze intelligence gathered moving forward. Other crypto firms, like on-chain security firm Chainalysis, crypto exchange Kraken, and stablecoin issuer Tether, were included as partners. 

“Operation Atlantic is a powerful example of what is possible when international agencies and private industry work side by side,” said National Crime Agency Deputy Director of Investigations Miles Bronfield, in a statement. “This intensive action has led to the safeguarding of thousands of victims in the UK and overseas, stopped criminals in their tracks and helped save others from losing their funds.”

The enforcement campaign was focused on crypto investors who may have been impacted by approval phishing, when malicious actors attempt to gain access to funds via fake pop-up notifications or alerts that unsuspecting victims believe come from trusted parties. 

More than 120 web domains used for schemes were identified during the week, according to the Secret Service. 

“With traditional financial crimes, this kind of cross-border, multi-agency coordination would take months,” Coinbase wrote in its recap on the week. “With blockchain technology, we moved from identification to action in a single week-long sprint.” 

The engagement report comes just over a week after alleged North Korean hackers made off with around $285 million via an exploit of Solana protocol, Drift. The exploit would represent just a fraction of the funds lost to crypto scam last year, with a recent report from the FBI indicating that more than $11.4 billion was lost to crypto scams in 2025 alone.