SlowMist CISO: Coinbase Commerce's asset recovery page sitemap also has flaws and is at risk of phishing attacks.

CoinFeed reported on March 19 that after SlowMist founder Yu Xian disclosed the risks of Coinbase Commerce's asset recovery page directly requiring users to enter plaintext mnemonic phrases, SlowMist's Chief Information Security Officer 23pds added that the page's sitemap also has flaws. Malicious attackers can easily use tools like ResourcesSaver to download the front-end code and deploy similar websites. If these websites are combined with domains like Coinbase for phishing attacks, users can easily fall for the scam.